Skip to content

Commit

Permalink
LG-438 Remove csrf protection on the account reset delayed notificati…
Browse files Browse the repository at this point in the history 
…ons API endpoint

**Why**: The endpoint is already protected by an auth token

**How**: skip_before_action :verify_authenticity_token
  • Loading branch information
@stevegsa @monfresh
stevegsa authored and monfresh committed Jul 3, 2018
1 parent e14a2c9 commit 6aec953
Showing 1 changed file with 1 addition and 0 deletions.
1 change: 1 addition & 0 deletions app/controllers/account_reset/send_notifications_controller.rb
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,6 @@
module AccountReset
class SendNotificationsController < ApplicationController
skip_before_action :verify_authenticity_token
before_action :authorize

def update
Expand Down

0 comments on commit 6aec953

Please sign in to comment.