From fd870c95f93884a3552d180910bd5deeee5bfec1 Mon Sep 17 00:00:00 2001 From: Christopher League Date: Sat, 2 Apr 2016 23:04:58 -0400 Subject: [PATCH 1/2] Provide CSRF token in Dummy login form --- yesod-auth/Yesod/Auth/Dummy.hs | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/yesod-auth/Yesod/Auth/Dummy.hs b/yesod-auth/Yesod/Auth/Dummy.hs index 91e56601..9e4611d6 100644 --- a/yesod-auth/Yesod/Auth/Dummy.hs +++ b/yesod-auth/Yesod/Auth/Dummy.hs @@ -20,10 +20,13 @@ authDummy = lift $ setCredsRedirect $ Creds "dummy" ident [] dispatch _ _ = notFound url = PluginR "dummy" [] - login authToMaster = + login authToMaster = do + request <- getRequest toWidget [hamlet| $newline never
+ $maybe t <- reqToken request + Your new identifier is: # From 85a62ab074d08bb60b38b1d813c58926b593f167 Mon Sep 17 00:00:00 2001 From: Christopher League Date: Sun, 3 Apr 2016 12:43:15 -0400 Subject: [PATCH 2/2] Bump yesod-auth version for CSRF support (#1205) --- yesod-auth/ChangeLog.md | 4 ++++ yesod-auth/yesod-auth.cabal | 2 +- 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/yesod-auth/ChangeLog.md b/yesod-auth/ChangeLog.md index aa6b0669..939da340 100644 --- a/yesod-auth/ChangeLog.md +++ b/yesod-auth/ChangeLog.md @@ -1,3 +1,7 @@ +## 1.4.13.1 + +* Add CSRF token to login form from `Yesod.Auth.Dummy` [#1205](https://github.com/yesodweb/yesod/pull/1205) + ## 1.4.13 * Add a CSRF token to the login form from `Yesod.Auth.Hardcoded`, making it compatible with the CSRF middleware [#1161](https://github.com/yesodweb/yesod/pull/1161) diff --git a/yesod-auth/yesod-auth.cabal b/yesod-auth/yesod-auth.cabal index cc7e72d8..a388396f 100644 --- a/yesod-auth/yesod-auth.cabal +++ b/yesod-auth/yesod-auth.cabal @@ -1,5 +1,5 @@ name: yesod-auth -version: 1.4.13 +version: 1.4.13.1 license: MIT license-file: LICENSE author: Michael Snoyman, Patrick Brisbin