This is an automated email from the ASF dual-hosted git repository. wave pushed a commit to branch logout-is-now-a-post in repository https://gitbox.apache.org/repos/asf/tooling-trusted-releases.git
commit 7e53c0174952c4bf819573480ab86cefe78535f8 Author: Dave Fisher <[email protected]> AuthorDate: Thu Mar 12 14:35:34 2026 -0700 Logout is a POST --- atr/server.py | 2 ++ atr/static/css/atr.css | 9 --------- atr/templates/includes/topnav.html | 5 ++++- 3 files changed, 6 insertions(+), 10 deletions(-) diff --git a/atr/server.py b/atr/server.py index c791d22e..77d2907b 100644 --- a/atr/server.py +++ b/atr/server.py @@ -53,6 +53,7 @@ import atr.config as config import atr.db as db import atr.db.interaction as interaction import atr.filters as filters +import atr.form as form import atr.jwtoken as jwtoken import atr.log as log import atr.manager as manager @@ -261,6 +262,7 @@ def _app_setup_context(app: base.QuartApp) -> None: "admin": admin, "as_url": util.as_url, "commit": metadata.commit, + "csrf_input_fn": lambda: form.csrf_input(), "current_user": current_user, "get": get, "is_admin_fn": user.is_admin, diff --git a/atr/static/css/atr.css b/atr/static/css/atr.css index f5a27faa..1d3313d9 100644 --- a/atr/static/css/atr.css +++ b/atr/static/css/atr.css @@ -221,19 +221,10 @@ button, input, option, select, textarea { font-weight: 425; } - nav.navbar { padding: 0 0 0.25rem 2rem; } -nav.navbar button, nav.navbar a.navbar-brand { - color: #000000 !important; -} - -/* nav.navbar button.navbar-toggler { - background-color: #000000 !important; -} */ - label[for] { font-weight: 450; diff --git a/atr/templates/includes/topnav.html b/atr/templates/includes/topnav.html index 87d06f90..fb79a5d5 100644 --- a/atr/templates/includes/topnav.html +++ b/atr/templates/includes/topnav.html @@ -376,7 +376,10 @@ <ul class="navbar-nav align-items-lg-center"> <li class="nav-item"> {% if current_user %} - <a href="/auth?logout=/" class="logout-link btn btn-sm btn-secondary ms-2">Log out</a> + <form method="post" action="/auth?logout=/" class="d-inline"> + {{ csrf_input_fn()|safe }} + <button type="submit" class="logout-link btn btn-sm btn-secondary ms-2">Log out</button> + </form> {% else %} <a href="/auth?login={{ request.path }}" class="login-link btn btn-sm btn-secondary ms-2">Log in</a> {% endif %} --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
