raggedstaff/openfoodnetwork
1
0
Fork 0
mirror of https://github.com/openfoodfoundation/openfoodnetwork synced 2026-02-02 21:57:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

Allow updates just with auth token

Browse Source 
Rails usually requires an additional CSRF protection token but when it's
not present we ignore the user's session and use only the OIDC auth
token.
This commit is contained in:
Maikel Linke
2022-11-10 13:01:48 +11:00
committed by David Cook
parent aea6f864d9
commit 4d49266f0f
1 changed files with 2 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
engines/dfc_provider/app/controllers/dfc_provider/base_controller.rb
View File

@@ -3,6 +3,8 @@
# Controller used to provide the API products for the DFC application
module DfcProvider
class BaseController < ActionController::Base
protect_from_forgery with: :null_session
rescue_from ActiveRecord::RecordNotFound, with: :not_found
before_action :check_authorization