diff options
| author | Omar Roth <omarroth@hotmail.com> | 2018-11-15 20:23:17 -0600 |
|---|---|---|
| committer | Omar Roth <omarroth@hotmail.com> | 2018-11-15 20:23:17 -0600 |
| commit | 48526435adb128354bc59f3b57871d58a137402e (patch) | |
| tree | 5a04c79b99feda6f6ebe441c8bfdc93156a60288 /src | |
| parent | b92542ea35f95d20a6a375ac8d6bfe865c12fd08 (diff) | |
| download | invidious-48526435adb128354bc59f3b57871d58a137402e.tar.gz invidious-48526435adb128354bc59f3b57871d58a137402e.tar.bz2 invidious-48526435adb128354bc59f3b57871d58a137402e.zip | |
Add CSRF token for Google accounts
Diffstat (limited to 'src')
| -rw-r--r-- | src/invidious.cr | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/src/invidious.cr b/src/invidious.cr index 87480e12..30ed33be 100644 --- a/src/invidious.cr +++ b/src/invidious.cr @@ -155,6 +155,10 @@ before_all do |env| client = make_client(YT_URL) user = get_user(sid, client, headers, PG_DB, false) + challenge, token = create_response(user.email, "sign_out", HMAC_KEY, 1.week) + env.set "challenge", challenge + env.set "token", token + env.set "user", user env.set "sid", sid rescue ex |