Revert "#101700 change csrf token access"

This reverts commit c12e545ccd6f16e4ef557b86311102b13a0d3fa6.

netbox/project-static/package.json

@@ -27,6 +27,7 @@
     "bootstrap": "~5.0.2",
     "clipboard": "^2.0.8",
     "color2k": "^1.2.4",
+    "cookie": "^0.4.1",
     "dayjs": "^1.10.4",
     "flatpickr": "4.6.3",
     "htmx.org": "^1.6.1",

netbox/project-static/src/util.ts

@@ -1,11 +1,9 @@
+import Cookie from 'cookie';
+
 type Method = 'GET' | 'POST' | 'PATCH' | 'PUT' | 'DELETE';
 type ReqData = URLSearchParams | Dict | undefined | unknown;
 type SelectedOption = { name: string; options: string[] };
 
-declare global {
-    interface Window { CSRF_TOKEN: any; }
-}
-
 /**
  * Infer valid HTMLElement props based on element name.
  */
@@ -95,12 +93,23 @@ export function isElement(obj: Element | null | undefined): obj is Element {
   return typeof obj !== null && typeof obj !== 'undefined';
 }
 
+/**
+ * Retrieve the CSRF token from cookie storage.
+ */
+function getCsrfToken(): string {
+  const { csrftoken: csrfToken } = Cookie.parse(document.cookie);
+  if (typeof csrfToken === 'undefined') {
+    throw new Error('Invalid or missing CSRF token');
+  }
+  return csrfToken;
+}
+
 export async function apiRequest<R extends Dict, D extends ReqData = undefined>(
   url: string,
   method: Method,
   data?: D,
 ): Promise<APIResponse<R>> {
-  const token = window.CSRF_TOKEN;
+  const token = getCsrfToken();
   const headers = new Headers({ 'X-CSRFToken': token });
 
   let body;

netbox/project-static/yarn.lock

@@ -737,6 +737,11 @@ configstore@^3.0.0:
     write-file-atomic "^2.0.0"
     xdg-basedir "^3.0.0"
 
+cookie@^0.4.1:
+  version "0.4.1"
+  resolved "https://registry.yarnpkg.com/cookie/-/cookie-0.4.1.tgz#afd713fe26ebd21ba95ceb61f9a8116e50a537d1"
+  integrity sha512-ZwrFkGJxUR3EIoXtO+yVE69Eb7KlixbaeAWfBQB9vVsNn/o+Yw69gBWSSDK825hQNdN+wF8zELf3dFNl/kxkUA==
+
 copy-to-clipboard@^3.2.0:
   version "3.3.1"
   resolved "https://registry.yarnpkg.com/copy-to-clipboard/-/copy-to-clipboard-3.3.1.tgz#115aa1a9998ffab6196f93076ad6da3b913662ae"

netbox/templates/base/base.html

@@ -99,7 +99,6 @@
           }
           return setMode("light", true);
       })();
-      window.CSRF_TOKEN = "{{ csrf_token }}";
     </script>
 
     {# Static resources #}