//  Append our CSRF token to AJAX requests when necessary.
export default {
  name: "csrf-token",
  initialize: function(container) {
    var session = container.lookup("session:main");

    // Add a CSRF token to all AJAX requests
    session.set("csrfToken", $("meta[name=csrf-token]").attr("content"));

    $.ajaxPrefilter(function(options, originalOptions, xhr) {
      if (!options.crossDomain) {
        xhr.setRequestHeader("X-CSRF-Token", session.get("csrfToken"));
      }
    });
  }
};