I'm currently doing a small bit of integration work for someone and one of their requests was to get the xenforo navigation bar (Profile, Inbox, Alerts and Logout) on their website (wordpress).
They are using the Xenforo Integration WP plugin to unify the logins and that's given me an easy way to access the userinfo.
I found this is because of it expecting _xfToken. After some digging I found how this was generated and included it into the userinfo array and spat it out into the source wherever it was referenced.
However when using Firebug to watch the ajax call (for either inbox or alerts) I can see it's not including _xfToken as one of the parameter:
I've taken a long look at the xenforo.js file which leads me to a variable called XenForo._csrfToken which seems to be blank at the point it's used (when in WP). But I can't see where this variable is meant to be initialized as most of my alerts weren't firing.
Is what I'm attempting to do even possible? And if so I would really appreciate a little help in getting the ajax call to include the csrfToken that I have.
The other option I have briefly read about involved rendering the templates but as the navigation template includes several sub-templates I weren't sure how this would affect it plus there appeared to be a lot of variables that would need to be defined therefore complicating matters.