summaryrefslogtreecommitdiff
path: root/ui/middleware.go
diff options
context:
space:
mode:
Diffstat (limited to 'ui/middleware.go')
-rw-r--r--ui/middleware.go6
1 files changed, 6 insertions, 0 deletions
diff --git a/ui/middleware.go b/ui/middleware.go
index a7707ae1..0db46703 100644
--- a/ui/middleware.go
+++ b/ui/middleware.go
@@ -89,6 +89,12 @@ func (m *middleware) handleAppSession(next http.Handler) http.Handler {
if session.Data.CSRF != formValue && session.Data.CSRF != headerValue {
logger.Error(`[UI:AppSession] Invalid or missing CSRF token: Form="%s", Header="%s"`, formValue, headerValue)
+
+ if mux.CurrentRoute(r).GetName() == "checkLogin" {
+ html.Redirect(w, r, route.Path(m.router, "login"))
+ return
+ }
+
html.BadRequest(w, r, errors.New("Invalid or missing CSRF"))
return
}
generated by cgit v1.2.3 (git 2.46.0) at 2025-10-03 00:52:18 +0000