From 6ff1f2fec7562c561f2632e89fb38ebffa6d1092 Mon Sep 17 00:00:00 2001
From: Michael Tremer <michael.tremer@ipfire.org>
Date: Mon, 9 Dec 2019 20:20:58 +0000
Subject: [PATCH] auth: Do not cache registration page because of XSRF cookie

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
---
 src/web/auth.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/web/auth.py b/src/web/auth.py
index 56f4b32f..a81b6f26 100644
--- a/src/web/auth.py
+++ b/src/web/auth.py
@@ -81,7 +81,7 @@ class LogoutHandler(AuthenticationMixin, base.BaseHandler):
 		self.redirect("/")
 
 
-class RegisterHandler(base.BaseHandler):
+class RegisterHandler(CacheMixin, base.BaseHandler):
 	def get(self):
 		# Redirect logged in users away
 		if self.current_user:
@@ -143,7 +143,7 @@ class ActivateHandler(AuthenticationMixin, base.BaseHandler):
 		self.render("auth/activated.html", account=account)
 
 
-class PasswordResetInitiationHandler(base.BaseHandler):
+class PasswordResetInitiationHandler(CacheMixin, base.BaseHandler):
 	def get(self):
 		username = self.get_argument("username", None)
 
-- 
2.47.3