aboutsummaryrefslogtreecommitdiffstats
path: root/routers
diff options
context:
space:
mode:
Diffstat (limited to 'routers')
-rw-r--r--routers/web/auth/auth.go8
-rw-r--r--routers/web/auth/oauth.go4
2 files changed, 7 insertions, 5 deletions
diff --git a/routers/web/auth/auth.go b/routers/web/auth/auth.go
index 5cbe2f5388..c9ef9193f1 100644
--- a/routers/web/auth/auth.go
+++ b/routers/web/auth/auth.go
@@ -98,7 +98,7 @@ func autoSignIn(ctx *context.Context) (bool, error) {
return false, err
}
- ctx.Csrf.DeleteCookie(ctx)
+ ctx.Csrf.PrepareForSessionUser(ctx)
return true, nil
}
@@ -359,8 +359,8 @@ func handleSignInFull(ctx *context.Context, u *user_model.User, remember, obeyRe
ctx.Locale = middleware.Locale(ctx.Resp, ctx.Req)
}
- // Clear whatever CSRF cookie has right now, force to generate a new one
- ctx.Csrf.DeleteCookie(ctx)
+ // force to generate a new CSRF token
+ ctx.Csrf.PrepareForSessionUser(ctx)
// Register last login
if err := user_service.UpdateUser(ctx, u, &user_service.UpdateOptions{SetLastLogin: true}); err != nil {
@@ -804,6 +804,8 @@ func handleAccountActivation(ctx *context.Context, user *user_model.User) {
return
}
+ ctx.Csrf.PrepareForSessionUser(ctx)
+
if err := resetLocale(ctx, user); err != nil {
ctx.ServerError("resetLocale", err)
return
diff --git a/routers/web/auth/oauth.go b/routers/web/auth/oauth.go
index ccbb3bebf1..730d68051b 100644
--- a/routers/web/auth/oauth.go
+++ b/routers/web/auth/oauth.go
@@ -358,8 +358,8 @@ func handleOAuth2SignIn(ctx *context.Context, source *auth.Source, u *user_model
return
}
- // Clear whatever CSRF cookie has right now, force to generate a new one
- ctx.Csrf.DeleteCookie(ctx)
+ // force to generate a new CSRF token
+ ctx.Csrf.PrepareForSessionUser(ctx)
if err := resetLocale(ctx, u); err != nil {
ctx.ServerError("resetLocale", err)
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-22 03:26:09 +0000