package handlers

import (
	"authentication/helper"
	"net/http"
)

const (
	AccessControlExposeHeaders = "Access-Control-Expose-Headers"
	XCsrfToken                 = "X-CSRF-Token"
)

// CSRFToken issues a CSRF token by relying on the CSRFMiddleware
// to set the token in the response header and cookie on GET requests.
func CSRFToken(w http.ResponseWriter, r *http.Request) {
	w.Header().Set(AccessControlExposeHeaders, XCsrfToken)
	helper.RespondWithJSON(w, http.StatusOK, map[string]string{
		"message": "CSRF token set",
	})
}