function getCsrf() { const match = document.cookie.match(/XSRF-TOKEN=([^;]+)/); return match ? decodeURIComponent(match[1]) : ''; } export function initHeader($header) { const authed = window.isAuth === true; const user = window.currentUser; const displayName = user && user.firstName ? user.firstName : (user && user.email ? user.email : 'Профиль'); $header.append(` `); if (authed) { $('#logout-btn').on('click', function () { const $btn = $(this); $btn.html('Выход...').prop('disabled', true); $.ajax({ url: '/account/logout', type: 'POST', beforeSend: xhr => xhr.setRequestHeader('X-XSRF-TOKEN', getCsrf()), complete: () => { window.location.href = '/'; } }); }); } }