x/web-app-template
Archived
Template
2
0
Fork 0
Code Issues 13 Pull Requests 4 Actions Packages Activity

chore(auth): #331 add tests for delete account
All checks were successful
Build Docker Image / Build-Docker-Image (push) Successful in 46s
Details
Build and Push Docker Image / Build-And-Push-Docker-Image (push) Successful in 51s
Details

Browse Source
This commit was merged in pull request #343.
This commit is contained in:
Tim Wundenberg
2024-12-22 23:07:15 +01:00
parent 6a551929c5
commit fb6cc0acda
3 changed files with 164 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
handler/middleware/cross_site_request_forgery.go
View File

@@ -56,8 +56,8 @@ func CrossSiteRequestForgery(auth service.Auth) func(http.Handler) http.Handler
if csrfToken == "" {
csrfToken = r.Header.Get("csrf-token")
}
if csrfToken == "" || !auth.IsCsrfTokenValid(csrfToken, session.Id) {
http.Error(w, "", http.StatusForbidden)
if session == nil || csrfToken == "" || !auth.IsCsrfTokenValid(csrfToken, session.Id) {
http.Error(w, "CSRF-Token not correct", http.StatusBadRequest)
return
}
}