diff options
author | Daniel Schadt <kingdread@gmx.de> | 2022-07-09 12:50:54 +0200 |
---|---|---|
committer | Daniel Schadt <kingdread@gmx.de> | 2022-07-09 12:50:54 +0200 |
commit | c788d569c58576fd8227f5a33b895ab8131eb9dc (patch) | |
tree | ec3f2a63f09a8d4c7e5309965f45d9c7f250695a | |
parent | 7c0d07aad4da6c36d0014c8ae7ce67db21be56a9 (diff) | |
download | fietsboek-c788d569c58576fd8227f5a33b895ab8131eb9dc.tar.gz fietsboek-c788d569c58576fd8227f5a33b895ab8131eb9dc.tar.bz2 fietsboek-c788d569c58576fd8227f5a33b895ab8131eb9dc.zip |
fix CSRF token mismatch on password reset forms
-rw-r--r-- | fietsboek/templates/login.jinja2 | 3 | ||||
-rw-r--r-- | fietsboek/templates/password_reset.jinja2 | 2 | ||||
-rw-r--r-- | fietsboek/templates/request_password.jinja2 | 2 |
3 files changed, 7 insertions, 0 deletions
diff --git a/fietsboek/templates/login.jinja2 b/fietsboek/templates/login.jinja2 index 18b12e7..86e9adb 100644 --- a/fietsboek/templates/login.jinja2 +++ b/fietsboek/templates/login.jinja2 @@ -1,5 +1,7 @@ {% extends "layout.jinja2" %} +{% import "util.jinja2" as util with context %} + {% block content %} <div class="container"> <h1>{{ _("page.login.title") }}</h1> @@ -20,6 +22,7 @@ </div> </div> </div> + {{ util.hidden_csrf_input() }} <div class="row justify-content-center"> <div class="col-auto mb-3"> <button type="submit" class="btn btn-primary"><i class="bi bi-door-open"></i> {{ _("page.login.submit") }}</button> diff --git a/fietsboek/templates/password_reset.jinja2 b/fietsboek/templates/password_reset.jinja2 index 7b89762..dfcca08 100644 --- a/fietsboek/templates/password_reset.jinja2 +++ b/fietsboek/templates/password_reset.jinja2 @@ -1,4 +1,5 @@ {% extends "layout.jinja2" %} +{% import "util.jinja2" as util with context %} {% block content %} <div class="container"> <h1>{{ _("page.password_reset.title") }}</h1> @@ -25,6 +26,7 @@ </div> </div> </div> + {{ util.hidden_csrf_input() }} <button type="submit" class="btn btn-primary">{{ _("page.password_reset.reset") }}</button> </form> </diV> diff --git a/fietsboek/templates/request_password.jinja2 b/fietsboek/templates/request_password.jinja2 index 47710e3..adb4193 100644 --- a/fietsboek/templates/request_password.jinja2 +++ b/fietsboek/templates/request_password.jinja2 @@ -1,4 +1,5 @@ {% extends "layout.jinja2" %} +{% import "util.jinja2" as util with context %} {% block content %} <div class="container"> <h1>{{ _("page.request_password.title") }}</h1> @@ -11,6 +12,7 @@ <label for="resetEmail">{{ _("page.request_password.email") }}</label> </div> </div> + {{ util.hidden_csrf_input() }} <div class="col-lg-4"> <button class="btn btn-primary">{{ _("page.request_password.request") }}</button> </div> |