feat(webui): add csrf tokens to all forms processing code

Closes #60
2025-05-01 08:37:28 +02:00 · 2025-05-01 08:37:28 +02:00 · 5d7b540718
commit 5d7b540718
parent 895615ad6e
15 changed files with 71 additions and 2 deletions
--- a/pkg/webui/html/login.html
+++ b/pkg/webui/html/login.html
@ -1,6 +1,7 @@
 {{ define "main" }}
 <div style="display: grid;">
  <form action="/login" method="post" style="align-self:center; justify-self: center;">
+    <input name="csrf_token" type="hidden" value="{{ .Page.Session.Data.CsrfToken }}">
    <fieldset style="align-items:center; display:flex; flex-direction:column; gap:8px;">
      <legend>Login</legend>
      <div style="align-items:center; display:flex; flex-direction:row; gap:8px;">