CalDAV: Support Basic auth; trim+validate UUID; deprecate query token via headers; ICS end time helper; docs+instructions updated

src/client/rpc-client.ts

@@ -5,8 +5,32 @@ import { createTanstackQueryUtils } from "@orpc/tanstack-query";
 
 import type { router } from "@/server/rpc";
 
-const link = new RPCLink({ url: `${window.location.origin}/rpc` });
+// Helper function to read CSRF token from cookie
+function getCSRFToken(): string {
+  const cookieValue = document.cookie
+    .split('; ')
+    .find(row => row.startsWith('csrf-token='))
+    ?.split('=')[1];
+  return cookieValue || '';
+}
+
+const link = new RPCLink({
+  url: `${window.location.origin}/rpc`,
+  headers: () => {
+    const csrfToken = getCSRFToken();
+    return csrfToken ? { 'X-CSRF-Token': csrfToken } : {};
+  },
+  fetch: (request, init) => {
+    return fetch(request, {
+      ...init,
+      credentials: 'include' // Include cookies with all requests
+    });
+  }
+});
 
 export const rpcClient: RouterClient<typeof router> = createORPCClient(link);
 
 export const queryClient = createTanstackQueryUtils(rpcClient);
+
+// Export helper for potential use in other parts of the client code
+export { getCSRFToken };