fix(FastAPI): prevent CSRF forging login requests (!237) · Merge requests · Arch Linux / aurweb · GitLab

Due to an influx of spam, we have had to temporarily disable account registrations. Please write an email to accountsupport@archlinux.org, with your desired username, if you want to get access. Sorry for the inconvenience.

Steven Guikal requested to merge fluix/aurweb:feat-csrf-login-check into pu Nov 02, 2021

Small caveat for this when developing, you must use the https://localhost:8444 URL, not https://127.0.0.1:8444.

Closes #88 (closed)

Edited Nov 04, 2021 by Steven Guikal