From 99a185465f602db3fa06e66373acd638fc09d045 Mon Sep 17 00:00:00 2001
From: colin <colin.in@foxmail.com>
Date: Mon, 8 Sep 2025 11:53:41 +0800
Subject: [PATCH] feat(xsrf): Add `xsrf-token` in the request header

---
 apps/vben5/apps/app-antd/src/adapter/request/index.ts | 3 +++
 apps/vben5/packages/@abp/core/src/store/abp.ts        | 9 +++++++++
 2 files changed, 12 insertions(+)

diff --git a/apps/vben5/apps/app-antd/src/adapter/request/index.ts b/apps/vben5/apps/app-antd/src/adapter/request/index.ts
index 41a3415a4..1fe3242a1 100644
--- a/apps/vben5/apps/app-antd/src/adapter/request/index.ts
+++ b/apps/vben5/apps/app-antd/src/adapter/request/index.ts
@@ -61,6 +61,9 @@ export function initRequestClient() {
       if (abpStore.tenantId) {
         config.headers.__tenant = abpStore.tenantId;
       }
+      if (abpStore.xsrfToken) {
+        config.headers.RequestVerificationToken = abpStore.xsrfToken;
+      }
       return config;
     },
   });
diff --git a/apps/vben5/packages/@abp/core/src/store/abp.ts b/apps/vben5/packages/@abp/core/src/store/abp.ts
index c3d9e4f44..567c8ca95 100644
--- a/apps/vben5/packages/@abp/core/src/store/abp.ts
+++ b/apps/vben5/packages/@abp/core/src/store/abp.ts
@@ -6,11 +6,17 @@ import type {
 import { ref } from 'vue';
 
 import { acceptHMRUpdate, defineStore } from 'pinia';
+import Cookies from 'universal-cookie';
 
 export const useAbpStore = defineStore(
   'abp',
   () => {
+    const cookies = new Cookies(null, {
+      domain: window.location.host,
+      path: '/',
+    });
     const tenantId = ref<string>();
+    const xsrfToken = ref<string>();
     const application = ref<ApplicationConfigurationDto>();
     const localization = ref<ApplicationLocalizationDto>();
     /** 获取 i18n 格式本地化文本 */
@@ -52,6 +58,7 @@ export const useAbpStore = defineStore(
 
     function setApplication(val: ApplicationConfigurationDto) {
       application.value = val;
+      xsrfToken.value = cookies.get('XSRF-TOKEN');
     }
 
     function setLocalization(val: ApplicationLocalizationDto) {
@@ -59,12 +66,14 @@ export const useAbpStore = defineStore(
     }
 
     function $reset() {
+      xsrfToken.value = undefined;
       application.value = undefined;
     }
 
     return {
       $reset,
       application,
+      xsrfToken,
       getI18nLocales,
       localization,
       setApplication,