Remove csrf middleware for wno
This commit is contained in:
parent
dd99b690d1
commit
05a6f5ca06
2 changed files with 0 additions and 7 deletions
|
@ -37,8 +37,6 @@ const redisUrl = process.env.REDIS_URL || process.env.REDISTOGO_URL || 'redis://
|
||||||
|
|
||||||
const app = koa();
|
const app = koa();
|
||||||
|
|
||||||
csrf(app);
|
|
||||||
|
|
||||||
let statsdOpts = {prefix: 'hostr-web', host: process.env.STATSD_HOST || 'localhost'};
|
let statsdOpts = {prefix: 'hostr-web', host: process.env.STATSD_HOST || 'localhost'};
|
||||||
let statsd = new StatsD(statsdOpts);
|
let statsd = new StatsD(statsdOpts);
|
||||||
app.use(function*(next) {
|
app.use(function*(next) {
|
||||||
|
|
|
@ -5,7 +5,6 @@ export function* signin() {
|
||||||
return yield this.render('signin', {csrf: this.csrf});
|
return yield this.render('signin', {csrf: this.csrf});
|
||||||
}
|
}
|
||||||
this.statsd.incr('auth.attempt', 1);
|
this.statsd.incr('auth.attempt', 1);
|
||||||
this.assertCsrf(this.request.body._csrf);
|
|
||||||
|
|
||||||
const user = yield authenticate(this, this.request.body.email, this.request.body.password);
|
const user = yield authenticate(this, this.request.body.email, this.request.body.password);
|
||||||
if(!user) {
|
if(!user) {
|
||||||
|
@ -26,8 +25,6 @@ export function* signup() {
|
||||||
return yield this.render('signup', {csrf: this.csrf});
|
return yield this.render('signup', {csrf: this.csrf});
|
||||||
}
|
}
|
||||||
|
|
||||||
this.assertCsrf(this.request.body._csrf);
|
|
||||||
|
|
||||||
if (this.request.body.email !== this.request.body.confirm_email) {
|
if (this.request.body.email !== this.request.body.confirm_email) {
|
||||||
return yield this.render('signup', {error: 'Emails do not match.', csrf: this.csrf});
|
return yield this.render('signup', {error: 'Emails do not match.', csrf: this.csrf});
|
||||||
} else if (this.request.body.email && !this.request.body.terms) {
|
} else if (this.request.body.email && !this.request.body.terms) {
|
||||||
|
@ -52,7 +49,6 @@ export function* forgot(token) {
|
||||||
const Reset = this.db.Reset;
|
const Reset = this.db.Reset;
|
||||||
const Users = this.db.Users;
|
const Users = this.db.Users;
|
||||||
if (this.request.body.email) {
|
if (this.request.body.email) {
|
||||||
this.assertCsrf(this.request.body._csrf);
|
|
||||||
var email = this.request.body.email;
|
var email = this.request.body.email;
|
||||||
yield sendResetToken(this, email);
|
yield sendResetToken(this, email);
|
||||||
this.statsd.incr('auth.reset.request', 1);
|
this.statsd.incr('auth.reset.request', 1);
|
||||||
|
@ -61,7 +57,6 @@ export function* forgot(token) {
|
||||||
if (this.request.body.password.length < 7) {
|
if (this.request.body.password.length < 7) {
|
||||||
return yield this.render('forgot', {error: 'Password needs to be at least 7 characters long.', token: token, csrf: this.csrf});
|
return yield this.render('forgot', {error: 'Password needs to be at least 7 characters long.', token: token, csrf: this.csrf});
|
||||||
}
|
}
|
||||||
this.assertCsrf(this.request.body._csrf);
|
|
||||||
const tokenUser = yield validateResetToken(this, token);
|
const tokenUser = yield validateResetToken(this, token);
|
||||||
var userId = tokenUser._id;
|
var userId = tokenUser._id;
|
||||||
yield updatePassword(this, userId, this.request.body.password);
|
yield updatePassword(this, userId, this.request.body.password);
|
||||||
|
|
Loading…
Add table
Add a link
Reference in a new issue