From ca1418fc0135d52a009ab218d6e24187fb355a3c Mon Sep 17 00:00:00 2001
From: Adam Mathes <adam@adammathes.com>
Date: Sat, 14 Feb 2026 09:09:10 -0800
Subject: security: implement CSRF protection and improve session cookie
 security (fixing NK-gfh33y)

---
 frontend/src/components/Login.tsx | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

(limited to 'frontend/src/components/Login.tsx')

diff --git a/frontend/src/components/Login.tsx b/frontend/src/components/Login.tsx
index 5f63248..ba2cd96 100644
--- a/frontend/src/components/Login.tsx
+++ b/frontend/src/components/Login.tsx
@@ -2,6 +2,8 @@ import { useState, type FormEvent } from 'react';
 import { useNavigate } from 'react-router-dom';
 import './Login.css';
 
+import { apiFetch } from '../utils';
+
 export default function Login() {
   const [password, setPassword] = useState('');
   const [error, setError] = useState('');
@@ -16,7 +18,7 @@ export default function Login() {
       const params = new URLSearchParams();
       params.append('password', password);
 
-      const res = await fetch('/api/login', {
+      const res = await apiFetch('/api/login', {
         method: 'POST',
         body: params,
       });
-- 
cgit v1.2.3