mirror of
https://github.com/khoj-ai/khoj.git
synced 2024-11-30 19:03:01 +01:00
Redirect user to the login page when either of the csrf token inputs is missing
This commit is contained in:
parent
d257629f81
commit
27815d982c
1 changed files with 4 additions and 2 deletions
|
@ -96,10 +96,12 @@ async def auth(request: Request):
|
||||||
|
|
||||||
csrf_token_cookie = request.cookies.get("g_csrf_token")
|
csrf_token_cookie = request.cookies.get("g_csrf_token")
|
||||||
if not csrf_token_cookie:
|
if not csrf_token_cookie:
|
||||||
return Response("Missing CSRF token", status_code=400)
|
logger.info("Missing CSRF token. Redirecting user to login page")
|
||||||
|
return RedirectResponse(url=f"{next_url}")
|
||||||
csrf_token_body = form.get("g_csrf_token")
|
csrf_token_body = form.get("g_csrf_token")
|
||||||
if not csrf_token_body:
|
if not csrf_token_body:
|
||||||
return Response("Missing CSRF token", status_code=400)
|
logger.info("Missing CSRF token body. Redirecting user to login page")
|
||||||
|
return RedirectResponse(url=f"{next_url}")
|
||||||
if csrf_token_cookie != csrf_token_body:
|
if csrf_token_cookie != csrf_token_body:
|
||||||
return Response("Invalid CSRF token", status_code=400)
|
return Response("Invalid CSRF token", status_code=400)
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue