MirrorMirror
/
funkwhale
mirror of https://dev.funkwhale.audio/funkwhale/funkwhale.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Fixed auth/csrf issues

This commit is contained in:
Agate 2020-07-03 11:35:11 +02:00
parent 1032e94eb4
commit 50c3071c56
2 changed files with 8 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
api/funkwhale_api/users/views.py
View File

@ -128,11 +128,17 @@ def login(request):
) )
serializer.save(request) serializer.save(request)
csrf.rotate_token(request) csrf.rotate_token(request)
return http.HttpResponse(status=200) token = csrf.get_token(request)
response = http.HttpResponse(status=200)
response.set_cookie("csrftoken", token, max_age=None)
return response
def logout(request): def logout(request):
if request.method != "POST": if request.method != "POST":
return http.HttpResponse(status=405) return http.HttpResponse(status=405)
auth.logout(request) auth.logout(request)
return http.HttpResponse(status=200) token = csrf.get_token(request)
response = http.HttpResponse(status=200)
response.set_cookie("csrftoken", token, max_age=None)
return response

4
front/src/store/auth.js
View File

@ -168,10 +168,6 @@ export default {
commit(`${m}/reset`, null, {root: true}) commit(`${m}/reset`, null, {root: true})
}) })
logger.default.info('Log out, goodbye!') logger.default.info('Log out, goodbye!')
await router.push({name: 'index'}, () => {
// refresh to get a new CSRF token
window.location.reload(true)
})
}, },
async check ({commit, dispatch, state}) { async check ({commit, dispatch, state}) {
logger.default.info('Checking authentication…') logger.default.info('Checking authentication…')