CSRF clears the env settings
MisterBianco opened this issue · 2 comments
MisterBianco commented
Before I included this library in my codebase I had an api endpoint
/api/login
that would check if username == Jacobsin and if password == password (Dont worry this isnt in production)
However after including the csrf handler I get a 403 code... Simple solve being that the postman request needs the csrf token however after I supply the csrf token and I print out the body of the request using:
username = env.params.body["username"]?
password = env.params.body["password"]?
if username.nil? || password.nil?
puts username
puts password
...
I get empty strings... Now postman shows they are in the body... So idk what is going on except the the env.params must be being destroyed?
MisterBianco commented
Okay so after adding
puts env.params.body
in the code it prints an empty string so my env.params.body is indeed empty...
MisterBianco commented
After further testing it looks like it isnt due to csrf and is just blank...