Adding csrf token fields to the forgot password calls

diff --git a/mediagoblin/templates/mediagoblin/auth/change_fp.html b/mediagoblin/templates/mediagoblin/auth/change_fp.html
index 4be7e065acbc844c0f0d6f80826d2ffe652182d9..53186cecc9119de399a88942e069c63f80bd59da 100644 (file)
--- a/mediagoblin/templates/mediagoblin/auth/change_fp.html
+++ b/mediagoblin/templates/mediagoblin/auth/change_fp.html
@@ -23,6 +23,8 @@
 
   <form action="{{ request.urlgen('mediagoblin.auth.verify_forgot_password') }}"
         method="POST" enctype="multipart/form-data">
+    {{ csrf_token }}
+
     <div class="grid_6 prefix_1 suffix_1 form_box">
       <h1>{% trans %}Enter your new password{% endtrans %}</h1>
 

diff --git a/mediagoblin/templates/mediagoblin/auth/forgot_password.html b/mediagoblin/templates/mediagoblin/auth/forgot_password.html
index 23fa9eb547a095c9408b16b500570554f364c0b2..b95a4dcb08f1578b9c2985fa24c1ffc3def541b2 100644 (file)
--- a/mediagoblin/templates/mediagoblin/auth/forgot_password.html
+++ b/mediagoblin/templates/mediagoblin/auth/forgot_password.html
@@ -23,6 +23,8 @@
 
   <form action="{{ request.urlgen('mediagoblin.auth.forgot_password') }}"
         method="POST" enctype="multipart/form-data">
+    {{ csrf_token }}
+
     <div class="grid_6 prefix_1 suffix_1 form_box">
       <h1>{% trans %}Enter your username or email{% endtrans %}</h1>