coop/federation
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add CSRF tokens to login and choose-username forms
All checks were successful
Build and Deploy / build-and-deploy (push) Successful in 37s
Details

Browse Source 
Both forms were missing the hidden csrf_token input,
causing 400 Bad Request on POST.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
giles
2026-02-21 15:43:01 +00:00
parent 41e9670975
commit 0bb057d65b
2 changed files with 2 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
templates/auth/login.html
View File

@@ -11,6 +11,7 @@
{% endif %}
<form method="post" action="{{ url_for('auth.start_login') }}" class="space-y-4">
<input type="hidden" name="csrf_token" value="{{ csrf_token() }}">
<div>
<label for="email" class="block text-sm font-medium mb-1">Email address</label>
<input