chore: Suppress the unnecessary CSRF warning (#2606)
Suppress the unnecessary CSRF warning
parent
dfddf9cacc
commit
a5bc81b304
13 changed files with 11 additions and 9 deletions
|
@ -3,3 +3,6 @@ sed -i -e '/REDIS_URL/ s/=.*/=redis:\/\/localhost:6379/' .env
|
||||||
sed -i -e '/POSTGRES_HOST/ s/=.*/=localhost/' .env
|
sed -i -e '/POSTGRES_HOST/ s/=.*/=localhost/' .env
|
||||||
sed -i -e '/SMTP_ADDRESS/ s/=.*/=localhost/' .env
|
sed -i -e '/SMTP_ADDRESS/ s/=.*/=localhost/' .env
|
||||||
sed -i -e "/FRONTEND_URL/ s/=.*/=https:\/\/$CODESPACE_NAME-3000.githubpreview.dev/" .env
|
sed -i -e "/FRONTEND_URL/ s/=.*/=https:\/\/$CODESPACE_NAME-3000.githubpreview.dev/" .env
|
||||||
|
sed -i -e "/WEBPACKER_DEV_SERVER_PUBLIC/ s/=.*/=https:\/\/$CODESPACE_NAME-3035.githubpreview.dev/" .env
|
||||||
|
# uncomment the webpacker env variable
|
||||||
|
sed -i -e '/WEBPACKER_DEV_SERVER_PUBLIC/s/^# //' .env
|
||||||
|
|
|
@ -155,3 +155,5 @@ USE_INBOX_AVATAR_FOR_BOT=true
|
||||||
## Development Only Config
|
## Development Only Config
|
||||||
# if you want to use letter_opener for local emails
|
# if you want to use letter_opener for local emails
|
||||||
# LETTER_OPENER=true
|
# LETTER_OPENER=true
|
||||||
|
# meant to be used in github codespaces
|
||||||
|
# WEBPACKER_DEV_SERVER_PUBLIC=
|
||||||
|
|
|
@ -7,7 +7,6 @@ class Api::V1::Accounts::ContactsController < Api::V1::Accounts::BaseController
|
||||||
sort_on :last_activity_at, type: :datetime
|
sort_on :last_activity_at, type: :datetime
|
||||||
|
|
||||||
RESULTS_PER_PAGE = 15
|
RESULTS_PER_PAGE = 15
|
||||||
protect_from_forgery with: :null_session
|
|
||||||
|
|
||||||
before_action :check_authorization
|
before_action :check_authorization
|
||||||
before_action :set_current_page, only: [:index, :active, :search]
|
before_action :set_current_page, only: [:index, :active, :search]
|
||||||
|
|
|
@ -1,5 +1,4 @@
|
||||||
class Api::V1::Accounts::CustomFiltersController < Api::V1::Accounts::BaseController
|
class Api::V1::Accounts::CustomFiltersController < Api::V1::Accounts::BaseController
|
||||||
protect_from_forgery with: :null_session
|
|
||||||
before_action :fetch_custom_filters, except: [:create]
|
before_action :fetch_custom_filters, except: [:create]
|
||||||
before_action :fetch_custom_filter, only: [:show, :update, :destroy]
|
before_action :fetch_custom_filter, only: [:show, :update, :destroy]
|
||||||
DEFAULT_FILTER_TYPE = 'conversation'.freeze
|
DEFAULT_FILTER_TYPE = 'conversation'.freeze
|
||||||
|
|
|
@ -1,7 +1,6 @@
|
||||||
class Api::V1::Accounts::NotificationsController < Api::V1::Accounts::BaseController
|
class Api::V1::Accounts::NotificationsController < Api::V1::Accounts::BaseController
|
||||||
RESULTS_PER_PAGE = 15
|
RESULTS_PER_PAGE = 15
|
||||||
|
|
||||||
protect_from_forgery with: :null_session
|
|
||||||
before_action :fetch_notification, only: [:update]
|
before_action :fetch_notification, only: [:update]
|
||||||
before_action :set_primary_actor, only: [:read_all]
|
before_action :set_primary_actor, only: [:read_all]
|
||||||
before_action :set_current_page, only: [:index]
|
before_action :set_current_page, only: [:index]
|
||||||
|
|
|
@ -1,7 +1,6 @@
|
||||||
class Api::V1::AccountsController < Api::BaseController
|
class Api::V1::AccountsController < Api::BaseController
|
||||||
include AuthHelper
|
include AuthHelper
|
||||||
|
|
||||||
skip_before_action :verify_authenticity_token, only: [:create]
|
|
||||||
skip_before_action :authenticate_user!, :set_current_user, :handle_with_exception,
|
skip_before_action :authenticate_user!, :set_current_user, :handle_with_exception,
|
||||||
only: [:create], raise: false
|
only: [:create], raise: false
|
||||||
before_action :check_signup_enabled, only: [:create]
|
before_action :check_signup_enabled, only: [:create]
|
||||||
|
|
|
@ -3,13 +3,12 @@ class ApplicationController < ActionController::Base
|
||||||
include Pundit
|
include Pundit
|
||||||
include SwitchLocale
|
include SwitchLocale
|
||||||
|
|
||||||
protect_from_forgery with: :null_session
|
skip_before_action :verify_authenticity_token
|
||||||
|
|
||||||
before_action :set_current_user, unless: :devise_controller?
|
before_action :set_current_user, unless: :devise_controller?
|
||||||
around_action :switch_locale
|
around_action :switch_locale
|
||||||
around_action :handle_with_exception, unless: :devise_controller?
|
around_action :handle_with_exception, unless: :devise_controller?
|
||||||
|
|
||||||
# after_action :verify_authorized
|
|
||||||
rescue_from ActiveRecord::RecordInvalid, with: :render_record_invalid
|
rescue_from ActiveRecord::RecordInvalid, with: :render_record_invalid
|
||||||
|
|
||||||
private
|
private
|
||||||
|
|
|
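Review bot: Swapping `protect_from_forgery with: :null_session` for `skip_before_action :verify_authenticity_token` in ApplicationController changes behaviour rather than only silencing a warning. With `:null_session`, a non-GET request without a valid token ran with an empty session; with the skip, it runs with the caller's full cookie session. That is safe only if every controller inheriting from this class authenticates purely through request headers or tokens. The contacts, custom-filters and notifications controllers in this commit also lose their own `protect_from_forgery` line, so they now depend on this base-class setting. If any descendant still relies on a cookie session (the `devise_controller?` conditions hint at Devise, but this hunk does not confirm how sessions are used), keep `protect_from_forgery with: :null_session` here and suppress the warning in the tool that reports it. The class body continues outside the hunk.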
@ -1,6 +1,4 @@
|
||||||
class PlatformController < ActionController::Base
|
class PlatformController < ActionController::API
|
||||||
protect_from_forgery with: :null_session
|
|
||||||
|
|
||||||
before_action :ensure_access_token
|
before_action :ensure_access_token
|
||||||
before_action :set_platform_app
|
before_action :set_platform_app
|
||||||
before_action :set_resource, only: [:update, :show, :destroy]
|
before_action :set_resource, only: [:update, :show, :destroy]
|
||||||
|
|
|
@ -1,3 +1,5 @@
|
||||||
|
# TODO: we should switch to ActionController::API for the base classes
|
||||||
|
# One of the specs is failing when I tried doing that, lets revisit in future
|
||||||
class PublicController < ActionController::Base
|
class PublicController < ActionController::Base
|
||||||
skip_before_action :verify_authenticity_token
|
skip_before_action :verify_authenticity_token
|
||||||
end
|
end
|
||||||
|
|
|
@ -72,6 +72,8 @@ development:
|
||||||
quiet: false
|
quiet: false
|
||||||
headers:
|
headers:
|
||||||
'Access-Control-Allow-Origin': '*'
|
'Access-Control-Allow-Origin': '*'
|
||||||
|
'Access-Control-Allow-Methods': 'GET, POST, PUT, DELETE, PATCH, OPTIONS'
|
||||||
|
'Access-Control-Allow-Headers': 'X-Requested-With, content-type, Authorization'
|
||||||
watch_options:
|
watch_options:
|
||||||
ignored: '**/node_modules/**'
|
ignored: '**/node_modules/**'
|
||||||
|
|
||||||
|
|
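Review bot: The two added headers under `development:` widen a CORS policy that already answers every origin (`'Access-Control-Allow-Origin': '*'`), and `Authorization` is now an accepted request header. The setup script in this commit points the dev server at a forwarded `githubpreview.dev` hostname, so if that port is ever made public, any site can read what the server serves. Consider setting the origin to the Codespace frontend URL instead of `*`, and listing only the methods the asset server needs (probably `GET, OPTIONS`). At minimum add a comment above the headers such as `# dev-only: wide CORS so the Codespaces frontend on port 3000 can load assets from port 3035`. The enclosing `development:` block starts outside the hunk.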