feat(frontend): T46 configure HTMX and CSRF protection

- Add CSRFMiddleware for form protection
- Implement token generation and validation
- Add CSRF meta tag to base.html
- Create tests for CSRF protection

Tests: 13 passing
Luca Sacchi Ricciardi
2026-04-07 18:02:20 +02:00
parent c1f47c897f
commit ccd96acaac
5 changed files with 355 additions and 16 deletions


@@ -11,6 +11,7 @@ from fastapi.staticfiles import StaticFiles
from fastapi.templating import Jinja2Templates
from openrouter_monitor.config import get_settings
from openrouter_monitor.middleware.csrf import CSRFMiddleware
from openrouter_monitor.routers import api_keys
from openrouter_monitor.routers import auth
from openrouter_monitor.routers import public_api
@@ -50,9 +51,12 @@ app = FastAPI(
lifespan=lifespan,
)
# Mount static files
# Mount static files (before CSRF middleware to allow access without token)
app.mount("/static", StaticFiles(directory=str(PROJECT_ROOT / "static")), name="static")
# CSRF protection middleware
app.add_middleware(CSRFMiddleware)
# CORS middleware
app.add_middleware(
CORSMiddleware,
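Review bot: The new comment on the `app.mount("/static", ...)` line says that mounting before the CSRF middleware lets static files through without a token, but in Starlette `add_middleware` wraps the whole application, mounted sub-apps included, whatever the call order. Requests to `/static` therefore still pass through `CSRFMiddleware`. They presumably succeed only because the middleware ignores safe methods such as GET, which cannot be confirmed here as its code is outside this hunk. I would reword the comment to `# Mount static files (CSRFMiddleware still wraps this mount; it must skip safe methods for /static to load)` and have a test assert that a token-less GET to `/static` succeeds while a token-less POST is rejected. The `app.add_middleware(CORSMiddleware, ...)` call continues past the end of the hunk.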