Home Explore Help
Sign In
software
/
archival.ArchiveBox
mirror of https://github.com/ArchiveBox/ArchiveBox.git
2
0
Fork 0
Files Issues 0 Wiki
Browse Source

disable cookie auth in API because csrf=False

Nick Sweeting 1 year ago
parent
da76a84c45
commit
dd05ad04fa
1 changed files with 1 additions and 1 deletions
Split View Show Diff Stats
  1. 1 1
      archivebox/api/auth.py

+ 1 - 1
archivebox/api/auth.py
View File 

@@ -105,6 +105,6 @@ API_AUTH_METHODS = [
 
     HeaderTokenAuth(),
 
     BearerTokenAuth(),
 
     QueryParamTokenAuth(), 
-    django_auth_superuser,
 
+    # django_auth_superuser,       # django admin cookie auth, not secure to use with csrf=False
 
     UsernameAndPasswordAuth(),
 
 ]