Docker/AdventureLog
Docker/AdventureLog
1
0
Fork 0
mirror of https://github.com/seanmorley15/AdventureLog.git synced 2025-08-04 12:45:17 +02:00
Code Issues Releases Activity

Merge pull request #614 from seanmorley15/development

Browse source 
Development
This commit is contained in:
Sean Morley 2025-05-12 10:46:02 -04:00 committed by GitHub
commit 049c229799
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
2 changed files with 10 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

8
backend/server/adventures/middleware.py
View file

@ -30,3 +30,11 @@ class DisableCSRFForSessionTokenMiddleware(MiddlewareMixin):
def process_request(self, request): def process_request(self, request):
if 'X-Session-Token' in request.headers: if 'X-Session-Token' in request.headers:
setattr(request, '_dont_enforce_csrf_checks', True) setattr(request, '_dont_enforce_csrf_checks', True)
class DisableCSRFForMobileLoginSignup(MiddlewareMixin):
def process_request(self, request):
is_mobile = request.headers.get('X-Is-Mobile', '').lower() == 'true'
is_login_or_signup = request.path in ['/auth/browser/v1/auth/login', '/auth/browser/v1/auth/signup']
if is_mobile and is_login_or_signup:
setattr(request, '_dont_enforce_csrf_checks', True)

1
backend/server/main/settings.py
View file

@ -71,6 +71,7 @@ MIDDLEWARE = (
'whitenoise.middleware.WhiteNoiseMiddleware', 'whitenoise.middleware.WhiteNoiseMiddleware',
'adventures.middleware.XSessionTokenMiddleware', 'adventures.middleware.XSessionTokenMiddleware',
'adventures.middleware.DisableCSRFForSessionTokenMiddleware', 'adventures.middleware.DisableCSRFForSessionTokenMiddleware',
'adventures.middleware.DisableCSRFForMobileLoginSignup',
'corsheaders.middleware.CorsMiddleware', 'corsheaders.middleware.CorsMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware', 'django.contrib.sessions.middleware.SessionMiddleware',
'django.middleware.common.CommonMiddleware', 'django.middleware.common.CommonMiddleware',