From fa34e4d0756d5869117eea4299027a5a89103f9d Mon Sep 17 00:00:00 2001
From: Blake Blackshear <blakeb@blakeshome.com>
Date: Sun, 5 May 2024 12:42:37 -0500
Subject: [PATCH] bypass csrf for internal auth endpoint

---
 docker/main/rootfs/usr/local/nginx/conf/auth_location.conf | 1 +
 1 file changed, 1 insertion(+)

diff --git a/docker/main/rootfs/usr/local/nginx/conf/auth_location.conf b/docker/main/rootfs/usr/local/nginx/conf/auth_location.conf
index ef20fa8f2..6f9235486 100644
--- a/docker/main/rootfs/usr/local/nginx/conf/auth_location.conf
+++ b/docker/main/rootfs/usr/local/nginx/conf/auth_location.conf
@@ -13,6 +13,7 @@ location /auth {
     proxy_set_header X-Forwarded-For $remote_addr;
     proxy_set_header Content-Length "";
     proxy_set_header Connection "";
+    proxy_set_header X-CSRF-TOKEN "1";
 
     ## Basic Proxy Configuration
     proxy_pass_request_body off;