FIX: add csrf token to all wizard ajax requests in dev (#129)

* FIX: add csrf token to all wizard ajax requests in dev

* fix formatting

* simplified code

* Update field.rb

assets/javascripts/wizard/initializers/custom-wizard.js.es6

@@ -26,7 +26,11 @@ export default {
     const setDefaultOwner = requirejs("discourse-common/lib/get-owner")
       .setDefaultOwner;
     const messageBus = requirejs("message-bus-client").default;
-
+    const getToken = requirejs("wizard/lib/ajax").getToken;
+    const setEnvironment = requirejs("discourse-common/config/environment")
+      .setEnvironment;
+    const isDevelopment = requirejs("discourse-common/config/environment")
+      .isDevelopment;
     const container = app.__container__;
     Discourse.Model = EmberObject.extend();
     Discourse.__container__ = container;
@@ -89,6 +93,7 @@ export default {
     const session = container.lookup("session:main");
     const setupData = document.getElementById("data-discourse-setup").dataset;
     session.set("highlightJsPath", setupData.highlightJsPath);
+    setEnvironment(setupData.environment);
 
     Router.reopen({
       rootURL: getUrl("/w/"),
@@ -107,5 +112,11 @@ export default {
       },
       model() {},
     });
+
+    $.ajaxPrefilter(function (_, __, jqXHR) {
+      if (isDevelopment()) {
+        jqXHR.setRequestHeader("X-CSRF-Token", getToken());
+      }
+    });
   },
 };