From 79753d77529be6a6807799faefdff8c7ba5fc2d7 Mon Sep 17 00:00:00 2001
From: Agate <me@agate.blue>
Date: Tue, 19 May 2020 12:02:58 +0200
Subject: [PATCH] Refresh site on logout to avoid CSRF issues

---
 front/src/store/auth.js | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/front/src/store/auth.js b/front/src/store/auth.js
index ed69bfc44..c28e8849d 100644
--- a/front/src/store/auth.js
+++ b/front/src/store/auth.js
@@ -168,7 +168,10 @@ export default {
         commit(`${m}/reset`, null, {root: true})
       })
       logger.default.info('Log out, goodbye!')
-      router.push({name: 'index'})
+      await router.push({name: 'index'}, () => {
+        // refresh to get a new CSRF token
+        window.location.reload(true)
+      })
     },
     async check ({commit, dispatch, state}) {
       logger.default.info('Checking authentication…')
-- 
GitLab