Skip to content

GitLab

Explore

Sign in

This is an archived project. Repository and other project resources are read-only.

Carson Cook (14CDWC)
QPlan
Merge requests
!52

Implement csrf token

Review changes
Download
Patches
Plain diff

Carson Cook (14CDWC) requested to merge carsoncook/i1/csrf_token into staging Jan 04, 2021

Overview 0
Commits 11
Pipelines 0
Changes 23

Description

Adds csrf token functionality to back end and front end. A token is sent in the response of every request that passes middleware filters. The front end then stores the most recent token and attaches it as a header in the next request. Back end middleware checks for a valid token on POST and PUT operations, blocking them if the token is invalid, protecting against CSRF attacks.

Resolves #1

Type

Please delete options that are not relevant.

Bug fix (non-breaking change which fixes an issue)
New feature (non-breaking change which adds functionality)
Enhancement (non-breaking change which improves existing functionality)
Breaking change (fix, feature, or enhancement that would cause existing functionality to not work as expected)
This change requires a documentation update

Checklist:

My code follows the style guidelines of this project
I have performed a self-review of my own code
I have commented my code, particularly in hard-to-understand areas
I have made corresponding changes to the documentation
My changes generate no new warnings
I have added tests that prove my fix is effective or that my feature works
New and existing unit tests pass locally with my changes

More information can be found here

Merge request reports

Assignee

Assign to

Reviewers

Request review from

Time tracking