csrf token handling, two jwt tokens

frontend/src/services/api.ts

@@ -39,7 +39,7 @@ const api = axios.create({
 export const fetchCSRFToken = async (): Promise<string> => {
   try {
     const response = await api.get("/auth/csrf-token");
-    csrfToken = response.data.csrfToken || "";
+    csrfToken = response.headers["x-csrf-token"] || "";
     return csrfToken || "";
   } catch (error) {
     console.error("Failed to fetch CSRF token:", error);
@@ -286,10 +286,14 @@ export const forumAPI = {
   deleteComment: (commentId: string) =>
     api.delete(`/forum/comments/${commentId}`),
   // Admin endpoints
-  adminDeletePost: (id: string, reason: string) => api.delete(`/forum/admin/posts/${id}`, { data: { reason } }),
-  adminRestorePost: (id: string) => api.patch(`/forum/admin/posts/${id}/restore`),
-  adminDeleteComment: (id: string, reason: string) => api.delete(`/forum/admin/comments/${id}`, { data: { reason } }),
-  adminRestoreComment: (id: string) => api.patch(`/forum/admin/comments/${id}/restore`),
+  adminDeletePost: (id: string, reason: string) =>
+    api.delete(`/forum/admin/posts/${id}`, { data: { reason } }),
+  adminRestorePost: (id: string) =>
+    api.patch(`/forum/admin/posts/${id}/restore`),
+  adminDeleteComment: (id: string, reason: string) =>
+    api.delete(`/forum/admin/comments/${id}`, { data: { reason } }),
+  adminRestoreComment: (id: string) =>
+    api.patch(`/forum/admin/comments/${id}/restore`),
   adminClosePost: (id: string) => api.patch(`/forum/admin/posts/${id}/close`),
   adminReopenPost: (id: string) => api.patch(`/forum/admin/posts/${id}/reopen`),
 };