Changed Views to accept CSRF token

2014-02-03 13:08:34 -05:00 · 2014-02-03 13:08:34 -05:00 · c99c8fe1f8
parent f9ec861151
commit c99c8fe1f8
5 changed files with 7 additions and 7 deletions
--- a/app.js
+++ b/app.js
@ -79,7 +79,7 @@ app.use(passport.initialize());
 app.use(passport.session());
 app.use(function(req, res, next) {
  res.locals.user = req.user;
-  res.locals.token = req.csrfToken();
+  res.locals.token = req.csrfToken(); 
  next();
 });
 app.use(flash());
--- a/views/account/login.jade
+++ b/views/account/login.jade
@ -25,7 +25,7 @@ block content
        label.control-label(for='username') Password
        input.form-control(type='password', name='password', id='password', placeholder='Password')
      .form-group
-        input.form-control(type='hidden', name='_csrf', value=token)
+        input.form-control(type='hidden', name='_csrf', value=token) 
      .form-group
        button.btn.btn-primary(type='submit')
          i.fa.fa-unlock-alt
--- a/views/account/profile.jade
+++ b/views/account/profile.jade
@ -31,7 +31,7 @@ block content
      .col-xs-4
        input.form-control(type='text', name='website', id='website', value='#{user.profile.website}')
    .form-group
-        input.form-control(type='hidden', name='_csrf', value=token)
+        input.form-control(type='hidden', name='_csrf', value=token) 
    .form-group
      .col-xs-offset-2.col-xs-4
        button.btn.btn.btn-primary(type='submit') Update Profile
@ -52,7 +52,7 @@ block content
      .col-xs-4
        input.form-control(type='password', name='confirmPassword', id='confirmPassword')
    .form-group
-        input.form-control(type='hidden', name='_csrf', value=token)
+        input.form-control(type='hidden', name='_csrf', value=token) 
    .form-group
      .col-xs-offset-3.col-xs-4
        button.btn.btn.btn-primary(type='submit') Change Password
@ -85,4 +85,4 @@ block content
  if user.github
    p: a.text-danger(href='/account/unlink/github') Unlink your GitHub account
  else
-    p: a(href='/auth/github') Link your GitHub account
+    p: a(href='/auth/github') Link your GitHub account
--- a/views/account/signup.jade
+++ b/views/account/signup.jade
@ -16,7 +16,7 @@ block content
      .col-sm-7
        input.form-control(type='password', name='confirmPassword', id='confirmPassword', placeholder='Confirm Password')
    .form-group
-        input.form-control(type='hidden', name='_csrf', value=token)
+        input.form-control(type='hidden', name='_csrf', value=token) 
    .form-group
      .col-sm-offset-3.col-sm-7
        button.btn.btn-success(type='submit')
--- a/views/contact.jade
+++ b/views/contact.jade
@ -18,7 +18,7 @@ block content
      .col-sm-8
        textarea.form-control(type='text', name='message', id='message', rows='7')
    .form-group
-        input.form-control(type='hidden', name='_csrf', value=token)
+        input.form-control(type='hidden', name='_csrf', value=token) 
    .form-group
      .col-sm-offset-2.col-sm-8
        button.btn.btn-default(type='submit')