diff --git a/controllers/api.go b/controllers/api.go
index 58630ffd..271f74b9 100644
--- a/controllers/api.go
+++ b/controllers/api.go
@@ -126,6 +126,10 @@ func API_Campaigns_Id(w http.ResponseWriter, r *http.Request) {
}
}
+func API_Campaigns_Id_Launch(w http.ResponseWriter, r *http.Request) {
+ http.Redirect(w, r, "/", 302)
+}
+
// API_Groups returns details about the requested group. If the campaign is not
// valid, API_Groups returns null.
func API_Groups(w http.ResponseWriter, r *http.Request) {
diff --git a/controllers/route.go b/controllers/route.go
index 7f429f50..c8a80b53 100644
--- a/controllers/route.go
+++ b/controllers/route.go
@@ -33,6 +33,7 @@ func CreateRouter() *nosurf.CSRFHandler {
api.HandleFunc("/reset", Use(API_Reset, mid.RequireLogin))
api.HandleFunc("/campaigns", Use(API_Campaigns, mid.RequireAPIKey))
api.HandleFunc("/campaigns/{id:[0-9]+}", Use(API_Campaigns_Id, mid.RequireAPIKey))
+ api.HandleFunc("/campaigns/id:[0-9]+}", Use(API_Campaigns_Id_Launch, mid.RequireAPIKey))
api.HandleFunc("/groups", Use(API_Groups, mid.RequireAPIKey))
api.HandleFunc("/groups/{id:[0-9]+}", Use(API_Groups_Id, mid.RequireAPIKey))
@@ -41,7 +42,7 @@ func CreateRouter() *nosurf.CSRFHandler {
//Setup CSRF Protection
csrfHandler := nosurf.New(router)
- csrfHandler.ExemptGlob("/api/*")
+ csrfHandler.ExemptGlob("/api/*/*")
csrfHandler.ExemptGlob("/static/*")
return csrfHandler
}
@@ -98,8 +99,10 @@ func Settings(w http.ResponseWriter, r *http.Request) {
User models.User
Title string
Flashes []interface{}
+ Token string
}{Title: "Settings", User: ctx.Get(r, "user").(models.User)}
session := ctx.Get(r, "session").(*sessions.Session)
+ params.Token = nosurf.Token(r)
params.Flashes = session.Flashes()
session.Save(r, w)
getTemplate(w, "settings").ExecuteTemplate(w, "base", params)
diff --git a/templates/settings.html b/templates/settings.html
index f0fb9be3..23497bb8 100644
--- a/templates/settings.html
+++ b/templates/settings.html
@@ -44,7 +44,6 @@
-