This repository has been archived on 2026-02-24. You can view files and clone it. You cannot open issues or pull requests or push a commit.

giles 3e0669a335 Exempt oauth/token from CSRF — server-to-server API endpoint ...

External clients like artdag POST to this endpoint from their
backend, so there's no browser session with a CSRF token.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

2026-02-24 01:06:19 +00:00

..

services

Move auth server from federation to account

2026-02-23 12:00:20 +00:00

__init__.py

Move auth server from federation to account

2026-02-23 12:00:20 +00:00

routes.py

Exempt oauth/token from CSRF — server-to-server API endpoint

2026-02-24 01:06:19 +00:00