authorRoald de Vries <rdevries@thoughtworks.com>2016-11-30 16:11:27 +0100
committerRoald de Vries <rdevries@thoughtworks.com>2016-11-30 16:11:27 +0100
commit13378255c02b97184132881599ed47826963f54a (patch)
tree01a47f844f581a12dae9d022be19d4010433633e /service/pixelated/resources/login_resource.py
parenta493da72d53fe90d679d7fa1980dd185415d9be3 (diff)
add csrf token to login form
Diffstat (limited to 'service/pixelated/resources/login_resource.py')
-rw-r--r--service/pixelated/resources/login_resource.py6
1 files changed, 6 insertions, 0 deletions
diff --git a/service/pixelated/resources/login_resource.py b/service/pixelated/resources/login_resource.py
index fec4307e..7d61ddce 100644
--- a/service/pixelated/resources/login_resource.py
+++ b/service/pixelated/resources/login_resource.py
@@ -108,6 +108,11 @@ class LoginWebSite(Element):
return tag('')
@renderer
+ def csrftoken(self, request, tag):
+ tag.fillSlots(csrftoken=IPixelatedSession(request.getSession()).get_csrf_token())
+ return tag
+
+ @renderer
def disclaimer(self, request, tag):
return DisclaimerElement(self.disclaimer_banner_file).render(request)
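Review bot: The new `csrftoken` renderer only places the session's token into the login form; nothing in this diff compares a submitted token against `get_csrf_token()` when the form is posted, so confirm that check exists in the POST handler, which is not visible here. The token is bound to a session created before authentication, so if that same session survives a successful login, its identifier and token should be regenerated at that point rather than carried into the authenticated state. The renderer would also benefit from a docstring such as `"""Fill the csrftoken slot with the CSRF token of the caller's session."""`. The LoginWebSite class starts and ends outside the hunk.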
@@ -140,6 +145,7 @@ class LoginResource(BaseResource):
return NoResource()
def render_GET(self, request):
+ request.getSession()
request.setResponseCode(OK)
return self._render_template(request)
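Review bot: The bare `request.getSession()` added to `render_GET` discards its return value, so its purpose is not evident from the line itself. Presumably it creates the session and sets its cookie before the template is rendered; a comment such as `# create the session (and its cookie) up front so the CSRF token rendered into the form belongs to it` would make that explicit. It also means every unauthenticated GET of the login page allocates server-side session state, so it is worth confirming that session expiry keeps that growth bounded. The LoginResource class begins outside the hunk.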