Fix emails and csrf
This commit is contained in:
parent
c6e420893a
commit
207c12973e
7 changed files with 80 additions and 138 deletions
|
@ -35,7 +35,14 @@ router.use(async (ctx, next) => {
|
|||
await next();
|
||||
});
|
||||
|
||||
router.use(new CSRF());
|
||||
router.use(new CSRF({
|
||||
invalidSessionSecretMessage: 'Invalid session secret',
|
||||
invalidSessionSecretStatusCode: 403,
|
||||
invalidTokenMessage: 'Invalid CSRF token',
|
||||
invalidTokenStatusCode: 403,
|
||||
excludedMethods: ['GET', 'HEAD', 'OPTIONS'],
|
||||
disableQuery: false,
|
||||
}));
|
||||
|
||||
router.use(views(path.join(__dirname, 'views'), {
|
||||
extension: 'ejs',
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue