Now supports saving when mounted on a subdomain.

Added support for cross-domain AJAX saves of albums and images. So the web app can be served from foo.server.com and the actual server can stay at server.com.
deanmoses · Mar 31, 2017 · ccc541b · ccc541b
1 parent 2bafa51
commit ccc541b
Show file tree

Hide file tree

Showing 2 changed files with 30 additions and 14 deletions.
diff --git a/app/scripts/components/album.jsx b/app/scripts/components/album.jsx
@@ -611,7 +611,8 @@ var EditMenu = React.createClass({
             url: Config.jsonAlbumEditUrl(this.props.album.path),
             cache: false,
             dataType: 'json',
-            data: ajaxData
+            data: ajaxData,
+            xhrFields: { withCredentials: true } // necessary when sending an authenticated AJAX request to a subdomain, otherwise it won't pass the cookies
         })
         .done(function(result) {
             if (!result.success) {
@@ -623,15 +624,17 @@ var EditMenu = React.createClass({
 
             // If it's a year album, hit the PHP that triggers refreshing the album's cache on the server. 
             // Don't bother looking at response; there's nothing we can do if it fails.
-            $.ajax({
-                type: 'POST',
-                url: 'https://tacocat.com/p_json/refresh.php',
-                cache: false,
-                dataType: 'json',
-                data: {
-                    album: this.props.album.path
-                }
-            });
+            if (isYearAlbum) {
+                $.ajax({
+                    type: 'POST',
+                    url: 'https://tacocat.com/p_json/refresh.php',
+                    cache: false,
+                    dataType: 'json',
+                    data: {
+                        album: this.props.album.path
+                    }
+                });
+            }
 
             // Hit the PHP that triggers refreshing the parent album's cache on the server.
             // Don't bother looking at response; there's nothing we can do if it fails.

diff --git a/app/scripts/models/user.js b/app/scripts/models/user.js
@@ -8,14 +8,27 @@ var Config = require('../config.js');
 var Model = require('ampersand-model');
 var User = Model.extend({
     props: {
-		isAdmin: ['boolean', true, false], // required attribute, defaulted to false
-        editMode: ['boolean', false, false] // never sent from server, defaulted to false
+		isAdmin: ['boolean', true /*required*/, false /*defaulted to false*/],
+        editMode: ['boolean', false /*never sent from server*/, false /*defaulted to false*/]
 	},
 
-	// the URL of the JSON REST API from which to retrieve the album
+	// URL of the JSON REST API from which to retrieve the album
 	url: function() {
 		return Config.jsonUserUrl();
-	}
+	},
+
+	// ajaxConfig: fields to set directly on the XHR request object
+	// withCredentials: send cross domain requests with authorization headers/cookies. 
+	// Useful if you're making cross sub-domain requests with a root-domain auth cookie,
+	// such as when the app is served from cdn.tacocat.com but the ajax requests are
+	// going to tacocat.com.
+	ajaxConfig: function () {
+        return {
+            xhrFields: {
+                'withCredentials': true
+            }
+        };
+    }
 });
 
 var UserStore = {