providers/saml: fix CSRF errors with POST binding

2020-02-28 10:50:16 +01:00 · 2020-02-28 10:50:16 +01:00 · 64f15eadbd
parent 81b66ecdcd
commit 64f15eadbd
2 changed files with 5 additions and 1 deletions
--- a/passbook/core/templates/login/base.html
+++ b/passbook/core/templates/login/base.html
@ -23,7 +23,7 @@
        <header class="pf-c-login__header">
            <img class="pf-c-brand" src="{% static 'passbook/logo.svg' %}" style="height: 60px;"
                alt="passbook icon" />
-            <img class="pf-c-brand" src="{% static 'passbook/brand.svg' %}" style="height: 80px;"
+            <img class="pf-c-brand" src="{% static 'passbook/brand.svg' %}" style="height: 60px;"
                alt="passbook branding" />
        </header>
        <main class="pf-c-login__main">
--- a/passbook/providers/saml/views.py
+++ b/passbook/providers/saml/views.py
@ -125,6 +125,10 @@ class LoginBeginView(AccessRequiredView):
            )
        )

+    @method_decorator(csrf_exempt)
+    def dispatch(self, *args, **kwargs):
+        return super().dispatch(*args, **kwargs)
+
    @method_decorator(csrf_exempt)
    def get(self, request: HttpRequest, application: str) -> HttpResponse:
        """Handle REDIRECT bindings"""