chore(auth): #331 implement and fix sign up tests

2024-12-23 22:51:46 +01:00
parent 7a7d7cf204
commit 4c869b8f08
3 changed files with 176 additions and 3 deletions
--- a/handler/middleware/cross_site_request_forgery.go
+++ b/handler/middleware/cross_site_request_forgery.go
@@ -8,6 +8,7 @@ import (
 	"me-fit/log"
 	"me-fit/service"
 	"me-fit/types"
+	"me-fit/utils"
 )

 type csrfResponseWriter struct {
@@ -57,7 +58,11 @@ func CrossSiteRequestForgery(auth service.Auth) func(http.Handler) http.Handler
 				}
 				if session == nil || csrfToken == "" || !auth.IsCsrfTokenValid(csrfToken, session.Id) {
 					log.Info("CSRF-Token not correct")
-					http.Error(w, "CSRF-Token not correct", http.StatusBadRequest)
+					if r.Header.Get("HX-Request") == "true" {
+						utils.TriggerToast(w, r, "error", "CSRF-Token not correct", http.StatusBadRequest)
+					} else {
+						http.Error(w, "CSRF-Token not correct", http.StatusBadRequest)
+					}
 					return
 				}
 			}