@@ -19,7 +19,11 @@ import type { SalesChannel } from './types/SalesChannel'
1919import type { MasterDataResponse } from './types/Newsletter'
2020import type { Address , AddressInput } from './types/Address'
2121import type { DeliveryMode , SelectedAddress } from './types/ShippingData'
22- import { getStoreCookie , getWithCookie } from '../../utils/cookies'
22+ import {
23+ getCookieFromRequestHeaders ,
24+ getStoreCookie ,
25+ getWithCookie ,
26+ } from '../../utils/cookies'
2327import type { ProductRating } from './types/ProductRating'
2428import type {
2529 CreateProductReviewInput ,
@@ -28,6 +32,7 @@ import type {
2832} from './types/ProductReview'
2933import { adaptObject } from '../../utils/adaptObject'
3034import { camelToSnakeCase } from '../../utils/camelToSnakeCase'
35+ import { NotAuthorizedError } from '../../../errors'
3136
3237type ValueOf < T > = T extends Record < string , infer K > ? K : never
3338
@@ -383,10 +388,22 @@ export const VtexCommerce = (
383388 } ,
384389 reviews : {
385390 create : ( input : CreateProductReviewInput ) : Promise < string > => {
391+ const authCookieKey : string = `VtexIdclientAutCookie_${ account }
392+
393+ const authCookie = getCookieFromRequestHeaders ( ctx , authCookieKey ) ?? ''
394+
395+ if ( ! authCookie ) {
396+ throw new NotAuthorizedError ( 'Missing auth cookie' )
397+ }
398+
386399 return fetchAPI (
387400 `${ base } ${ REVIEWS_AND_RATINGS_API_PATH } ,
388401 {
389402 ...BASE_INIT ,
403+ headers : {
404+ ...BASE_INIT . headers ,
405+ VtexIdclientAutCookie : authCookie ,
406+ } ,
390407 body : JSON . stringify ( input ) ,
391408 method : 'POST' ,
392409 } ,
0 commit comments