fix: crash if csrfToken does not exist

NodeBB · Jul 22, 2020 · a3c8d45 · a3c8d45
1 parent 6f889c9
commit a3c8d45
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/src/routes/authentication.js b/src/routes/authentication.js
@@ -67,7 +67,7 @@ Auth.reloadRoutes = async function (params) {
 	loginStrategies.forEach(function (strategy) {
 		if (strategy.url) {
 			router.get(strategy.url, Auth.middleware.applyCSRF, function (req, res, next) {
-				req.session.ssoState = req.csrfToken();
+				req.session.ssoState = req.csrfToken && req.csrfToken();
 				passport.authenticate(strategy.name, {
 					scope: strategy.scope,
 					prompt: strategy.prompt || undefined,