Bug/added csrf protection

[1-ankush-1]

issue ref - #22
commit ref - c2ebe95 153044b e4a30a8

Changes

• Added the csrfProtection inside the app.js file.

+ const csrfProtection = csrf({ cookie: true });
+ app.use(csrfProtection);

• Added the csrfProtection middleware between the routes that are getting the csrf token from forms.
• updated the logout function so it will destroy the session after logout.

Suggestion

• There is no home for home path .so create one so user can access that after login.
• Add a setup.md file so anyone can contribute easily.
• You can put the config.json info inside the .env file.

[Artlfmj]

Have you tested your changes on the forms to check they work

[1-ankush-1]

Have you tested your changes on the forms to check they work

yup i did . just add a Home file too so it will display the home page data after login.

[Artlfmj]

Ok, you can create a new pr for your other suggestions :)

[Artlfmj]

Could you resolve conflicts?

[1-ankush-1]

Ok, you can create a new pr for your other suggestions :)

you should create seprate issue for them as well.

[1-ankush-1]

Could you resolve conflicts?

wait give me 2 min

[Artlfmj]

You can go ahead and create the issue, I will assign you once you create it

[1-ankush-1]

You can go ahead and create the issue, I will assign you once you create it

• resolved the conflict

[1-ankush-1]

You can go ahead and create the issue, I will assign you once you create it

hey i am not clear about the requirments for the Home file. you should create the issue for Home and explain what feature you would like to add in Home.

[Artlfmj]

Will say home later today

[Artlfmj]

@1-ankush-1 checked this, you did not add csrf verification on form submit