Disable antiforgery on auth and add quantengine migration tools
This commit is contained in:
@@ -167,7 +167,7 @@ app.MapPost("/api/auth/login", async (LoginRequest request, IWorkspaceRepository
|
||||
accessToken = rawToken,
|
||||
expiresAt = expiresAt.ToString("O")
|
||||
});
|
||||
});
|
||||
}).DisableAntiforgery();
|
||||
|
||||
app.MapGet("/api/auth/me", async (HttpContext context, IWorkspaceRepository workspaceRepo) =>
|
||||
{
|
||||
@@ -210,7 +210,7 @@ app.MapPost("/api/auth/logout", async (HttpContext context, IWorkspaceRepository
|
||||
var tokenHash = Convert.ToHexString(SHA256.HashData(Encoding.UTF8.GetBytes(token)));
|
||||
await workspaceRepo.RevokeSessionAsync(tokenHash, DateTimeOffset.UtcNow.ToString("O"));
|
||||
return Results.Ok(new { success = true });
|
||||
});
|
||||
}).DisableAntiforgery();
|
||||
|
||||
// Operational Report serving API (WASM safe file loading substitute)
|
||||
app.MapGet("/api/operational-report", async (IWebHostEnvironment env) =>
|
||||
|
||||
Reference in New Issue
Block a user