From 77ba41e684e023a640370c6f5de18c55be908a66 Mon Sep 17 00:00:00 2001
From: baflo <834350+baflo@users.noreply.github.com>
Date: Fri, 22 Dec 2023 17:16:10 +0100
Subject: [PATCH] Fixes CSRF issue when using REMOTE_USER

---
 src/paperless/urls.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/paperless/urls.py b/src/paperless/urls.py
index 67fddbee0..f60bbf4bc 100644
--- a/src/paperless/urls.py
+++ b/src/paperless/urls.py
@@ -5,7 +5,7 @@ from django.contrib.auth.decorators import login_required
 from django.urls import path
 from django.urls import re_path
 from django.utils.translation import gettext_lazy as _
-from django.views.decorators.csrf import csrf_exempt
+from django.views.decorators.csrf import csrf_exempt, ensure_csrf_cookie
 from django.views.generic import RedirectView
 from rest_framework.authtoken import views
 from rest_framework.routers import DefaultRouter
@@ -178,7 +178,7 @@ urlpatterns = [
     # login, logout
     path("accounts/", include("django.contrib.auth.urls")),
     # Root of the Frontend
-    re_path(r".*", login_required(IndexView.as_view()), name="base"),
+    re_path(r".*", login_required(ensure_csrf_cookie(IndexView.as_view())), name="base"),
 ]