fix: fix csrf token handling after login

2025-09-15 15:21:14 +00:00 · 2025-03-29 17:21:54 +01:00
parent 6cbccf6d43
commit 3723e4cc75
2 changed files with 9 additions and 5 deletions
--- a/frontend/src/router/index.js
+++ b/frontend/src/router/index.js
@@ -72,7 +72,6 @@ const router = createRouter({

 router.beforeEach(async (to) => {
  const auth = authStore()
-  const sec = securityStore()

  // check if the request was a successful oauth login
  if ('wgLoginState' in to.query && !auth.IsAuthenticated) {
@@ -122,8 +121,13 @@ router.beforeEach(async (to) => {
    auth.SetReturnUrl(to.fullPath) // store original destination before starting the auth process
    return '/login'
  }
+})

-  if (publicPages.includes(to.path)) {
+router.afterEach(async (to, from) => {
+  const sec = securityStore()
+  const csrfPages = ['/login']
+
+  if (csrfPages.includes(to.path)) {
    await sec.LoadSecurityProperties() // make sure we have a valid csrf token
  }
 })