don't use csrf_exempt everywhere

2020-01-29 12:24:50 -08:00
parent f031b46b20
commit 7882bfe1ef
6 changed files with 8 additions and 12 deletions
--- a/fedireads/templates/layout.html
+++ b/fedireads/templates/layout.html
@ -27,6 +27,7 @@
                <div id="account">
                    {% if user.is_authenticated %}
                    <form name="logout" action="/logout/" method="post">
+                        {% csrf_token %}
                        Welcome, <a href="/user/{{ request.user.localname }}">{{ request.user.localname }}</a>
                        <input type="submit" value="Log out"></input>
                    </form>