From 5072638ec2ce7909d1170d8e40cabdf2e526e5c1 Mon Sep 17 00:00:00 2001
From: nai-degen <khoners@protonmail.com>
Date: Tue, 3 Dec 2024 19:49:16 -0600
Subject: [PATCH] attempt at fixing persistent 'invalid csrf token' error on
 some browsers

---
 src/user/routes.ts | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/src/user/routes.ts b/src/user/routes.ts
index b3c143a..6ca9e81 100644
--- a/src/user/routes.ts
+++ b/src/user/routes.ts
@@ -32,9 +32,14 @@ userRouter.use(
     _next: express.NextFunction
   ) => {
     const data: any = { message: err.message, stack: err.stack, status: 500 };
+    const isCsrfError = err.message === "invalid csrf token";
+
+    if (isCsrfError) {
+      res.clearCookie("csrf");
+      req.session.csrf = undefined;
+    }
 
     if (req.accepts("json", "html") === "json") {
-      const isCsrfError = err.message === "invalid csrf token";
       const message = isCsrfError
         ? "CSRF token mismatch; try refreshing the page"
         : err.message;