Add CSRF protection.

This commit is contained in:
Jonathan Cremin 2015-08-22 23:07:34 +01:00
parent 8e47c74b68
commit 0910b16e1e
5 changed files with 68 additions and 7 deletions

View file

@ -65,6 +65,7 @@ export function* create() {
}
export function* cancel() {
this.assertCSRF();
const Users = this.db.Users;
const user = yield Users.findOne({_id: this.session.user.id});