Merge pull request #8 from AbdulGhani002/autofix/alert-31-0737dc014d

Fix code scanning alert no. 31: Missing CSRF middleware

.github/workflows/codeql.yml

@@ -39,7 +39,7 @@ jobs:
       if: matrix.language == 'javascript-typescript'
       run: |
         # Install Node.js dependencies
-        npm install
+        npm install && npm start
 
     - name: Build the project
       if: matrix.language == 'javascript-typescript'

app.js

@@ -7,6 +7,7 @@ const authRoutes = require("./routes/auth.routes");
 const accountRoutes = require("./routes/account.routes");
 const cookieParser = require("cookie-parser");
 const {checkUser} = require("./middlewares/auth-middleware");
+const csrf = require('lusca').csrf;
 
 const errorHandlerMiddleware = require("./middlewares/error-handler");
 
@@ -18,6 +19,7 @@ app.use(express.static("public"));
 app.use(express.static("pictures"));
 app.use(express.urlencoded({ extended: true }));
 app.use(cookieParser());
+app.use(csrf());
 
 app.get("*",checkUser);
 app.use(baseRoutes);