rainbownapkin/canopy
1
0
Fork 0
Code Issues 20 Pull requests Projects Releases Packages Wiki Activity Actions

Added CSRF tokens to non-partial templates.

Browse source
This commit is contained in:
rainbow napkin 2024-12-29 15:02:37 -05:00
parent 2ea3c72a61
commit 83f76af6e8
24 changed files with 94 additions and 22 deletions
Download patch file Download diff file Expand all files Collapse all files

5
src/controllers/channelSettingsController.js
View file

@ -18,9 +18,10 @@ along with this program. If not, see <https://www.gnu.org/licenses/>.*/
const config = require('../../config.json');
//local imports
const {exceptionHandler, errorHandler} = require('../utils/loggerUtils');
const channelModel = require('../schemas/channel/channelSchema');
const permissionModel = require('../schemas/permissionSchema');
const csrfUtils = require('../utils/csrfUtils');
const {exceptionHandler, errorHandler} = require('../utils/loggerUtils');
//root index functions
module.exports.get = async function(req, res){
@ -38,7 +39,7 @@ module.exports.get = async function(req, res){
throw new Error("Channel not found.");
}
return res.render('channelSettings', {instance: config.instanceName, user: req.session.user, channel: chanDB, reqRank, rankEnum: permissionModel.rankEnum});
return res.render('channelSettings', {instance: config.instanceName, user: req.session.user, channel: chanDB, reqRank, rankEnum: permissionModel.rankEnum, csrfToken: csrfUtils.generateToken(req)});
}catch(err){
return exceptionHandler(res, err);
}