diff options
| author | Adam Mathes <adam@adammathes.com> | 2026-02-14 09:09:10 -0800 |
|---|---|---|
| committer | Adam Mathes <adam@adammathes.com> | 2026-02-14 09:09:10 -0800 |
| commit | ca1418fc0135d52a009ab218d6e24187fb355a3c (patch) | |
| tree | 95f54977609ec401f8439a30e3a158c36a5526bf /frontend/src/App.tsx | |
| parent | a39dfd30529330e3eea44bce865093158eaf2f1b (diff) | |
| download | neko-ca1418fc0135d52a009ab218d6e24187fb355a3c.tar.gz neko-ca1418fc0135d52a009ab218d6e24187fb355a3c.tar.bz2 neko-ca1418fc0135d52a009ab218d6e24187fb355a3c.zip | |
security: implement CSRF protection and improve session cookie security (fixing NK-gfh33y)
Diffstat (limited to 'frontend/src/App.tsx')
| -rw-r--r-- | frontend/src/App.tsx | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/frontend/src/App.tsx b/frontend/src/App.tsx index 4835cd3..7943f60 100644 --- a/frontend/src/App.tsx +++ b/frontend/src/App.tsx @@ -2,6 +2,7 @@ import React, { useEffect, useState } from 'react'; import { BrowserRouter, Routes, Route, Navigate, useLocation, useNavigate } from 'react-router-dom'; import Login from './components/Login'; import './App.css'; +import { apiFetch } from './utils'; // Protected Route wrapper function RequireAuth({ children }: { children: React.ReactElement }) { @@ -9,7 +10,7 @@ function RequireAuth({ children }: { children: React.ReactElement }) { const location = useLocation(); useEffect(() => { - fetch('/api/auth') + apiFetch('/api/auth') .then((res) => { if (res.ok) { setAuth(true); @@ -70,7 +71,7 @@ function Dashboard({ theme, setTheme }: { theme: string; setTheme: (t: string) = <button onClick={() => { - fetch('/api/logout', { method: 'POST' }).then( + apiFetch('/api/logout', { method: 'POST' }).then( () => (window.location.href = '/v2/login') ); }} |