This project was bootstrapped with Create React App.

Your React App will live here. While is development, run this application from this location using npm start or yarn start.

No environment variables are needed to run this application in development, but be sure to edit the "proxy" in the package.json if needed.

This app will be automatically built when you deploy to heroku, please see the heroku-postbuild script in your express.js application's package.json, NOT React's package.json to see how this works.

If you are using Redux, then run:

npm install redux react-redux redux-thunk

For CSRF Protection on all request methods besides GET, you need to define a X-CSRF-TOKEN header that has a value of the XSRF-TOKEN cookie.

Example of a fetch request with CSRF:

import Cookies from 'js-cookie';

const login = async () => {
  const csrfToken = Cookies.get("XSRF-TOKEN");
  const res = await fetch("/api/session", {
    method: "put",
    headers: {
      "Content-Type": "application/json",
      "X-CSRF-TOKEN": csrfToken,
    },
    body: JSON.stringify({
      username: "Demo-lition",
      password: "password"
    }),
  });
  res.data = await res.json(); // current user info
  if (res.ok) {
    return res.data;
  }
};