aboutsummaryrefslogtreecommitdiffstats
path: root/perllib/FixMyStreet/App/Controller/Auth.pm
diff options
context:
space:
mode:
Diffstat (limited to 'perllib/FixMyStreet/App/Controller/Auth.pm')
-rw-r--r--perllib/FixMyStreet/App/Controller/Auth.pm5
1 files changed, 3 insertions, 2 deletions
diff --git a/perllib/FixMyStreet/App/Controller/Auth.pm b/perllib/FixMyStreet/App/Controller/Auth.pm
index c448f8749..6e8057723 100644
--- a/perllib/FixMyStreet/App/Controller/Auth.pm
+++ b/perllib/FixMyStreet/App/Controller/Auth.pm
@@ -516,11 +516,12 @@ sub check_csrf_token : Private {
$token =~ s/ /+/g;
my ($time) = $token =~ /^(\d+)-[0-9a-zA-Z+\/]+$/;
$c->stash->{csrf_time} = $time;
+ my $gen_token = $c->forward('get_csrf_token');
+ delete $c->stash->{csrf_time};
$c->detach('no_csrf_token')
unless $time
&& $time > time() - 3600
- && $token eq $c->forward('get_csrf_token');
- delete $c->stash->{csrf_time};
+ && $token eq $gen_token;
}
sub no_csrf_token : Private {
generated by cgit v1.2.3 (git 2.25.1) at 2025-04-26 12:41:34 +0000