add csrf protection to login page

author: Paul Duncan <pabs@pablotron.org> 2016-05-21 13:05:20 -0400
committer: Paul Duncan <pabs@pablotron.org> 2016-05-21 13:05:20 -0400
commit: b1d1a7c6c5c13c1496fa87a0eddaf4e724ecb299 (patch)
tree: 9ab1bac834199321fa6d3cb8568def02ed200cc6 /src/views
parent: 59e64495121447c988d6aef243b7b3c17cb5f483 (diff)
download: guff-b1d1a7c6c5c13c1496fa87a0eddaf4e724ecb299.tar.bz2
guff-b1d1a7c6c5c13c1496fa87a0eddaf4e724ecb299.zip
1 files changed, 6 insertions, 0 deletions
diff --git a/src/views/login-page.ecr b/src/views/login-page.ecr
index 9f2082a..e0404ce 100644
--- a/src/views/login-page.ecr
+++ b/src/views/login-page.ecr
@@ -75,6 +75,12 @@
                   Log In
                 </button>
               </div><!-- form-group -->
+
+              <input
+                type='hidden'
+                name='csrf_token'
+                value='<%= h(get_csrf_token) %>'
+              />
             </form>
           </div><!-- panel-body -->
         </div><!-- panel -->
author	Paul Duncan <pabs@pablotron.org>	2016-05-21 13:05:20 -0400
committer	Paul Duncan <pabs@pablotron.org>	2016-05-21 13:05:20 -0400
commit	b1d1a7c6c5c13c1496fa87a0eddaf4e724ecb299 (patch)
tree	9ab1bac834199321fa6d3cb8568def02ed200cc6 /src/views
parent	59e64495121447c988d6aef243b7b3c17cb5f483 (diff)
download	guff-b1d1a7c6c5c13c1496fa87a0eddaf4e724ecb299.tar.bz2 guff-b1d1a7c6c5c13c1496fa87a0eddaf4e724ecb299.zip