CSRF and various enhancements

src/lib/constants.js

@@ -166,6 +166,7 @@ let constants = {
 		instance_list_cache_time: 3*60*1000,
 		updater_cache_time: 2*60*1000,
 		cache_sweep_interval: 3*60*1000,
+		csrf_time: 60*60*1000,
 		self_blocked_status: {
 			enabled: true,
 			time: 2*60*60*1000,
@@ -232,7 +233,7 @@ let constants = {
 
 	additional_routes: [],
 
-	database_version: 6
+	database_version: 7
 }
 
 // Override values from config and export the result

src/lib/utils/upgradedb.js

@@ -85,6 +85,15 @@ const deltas = new Map([
 			db.prepare("ALTER TABLE UserSettings ADD COLUMN rewrite_twitter TEXT NOT NULL DEFAULT ''")
 				.run()
 		})()
+	}],
+	// version 6 to version 7
+	[7, function() {
+		db.transaction(() => {
+			db.prepare("DROP TABLE IF EXISTS CSRFTokens")
+				.run()
+			db.prepare("CREATE TABLE CSRFTokens (token TEXT NOT NULL, expires INTEGER NOT NULL, PRIMARY KEY (token))")
+				.run()
+		})()
 	}]
 ])