From 353b56262657c6e3e6292052303890d95cb380fe Mon Sep 17 00:00:00 2001
From: mirivlad <mirivlad@gmail.com>
Date: Sun, 15 Feb 2026 11:59:47 +0000
Subject: [PATCH] Fix CSRF: add generateToken() call in /csrf-token endpoint

---
 public/index.php | 1 +
 1 file changed, 1 insertion(+)

diff --git a/public/index.php b/public/index.php
index 1bc1d60..e336661 100644
--- a/public/index.php
+++ b/public/index.php
@@ -48,6 +48,7 @@ $csrfMiddleware = $csrf;
 
 // Add a route to get CSRF tokens via AJAX
 $app->get('/csrf-token', function (Request $request, Response $response, $args) use ($csrf) {
+    $csrf->generateToken();
     $data = [
         'name_key' => $csrf->getTokenNameKey(),
         'value_key' => $csrf->getTokenValueKey(),