From 07cd45424823c45899f3e58a0be55aa8a543f725 Mon Sep 17 00:00:00 2001
From: Noloquideus <daniilmanukian@gmail.com>
Date: Tue, 12 May 2026 23:37:30 +0300
Subject: [PATCH] feat: add csrf

---
 src/presentation/routing/order.py | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/src/presentation/routing/order.py b/src/presentation/routing/order.py
index e93016a..8e4e193 100644
--- a/src/presentation/routing/order.py
+++ b/src/presentation/routing/order.py
@@ -237,6 +237,7 @@ async def payment_quote(
         status_code=200,
         responses=ERROR_RESPONSES,
 )
+@csrf_protect()
 async def list_orders(
         limit: int = Query(default=20, ge=1, le=100),
         offset: int = Query(default=0, ge=0),
@@ -254,6 +255,7 @@ async def list_orders(
         status_code=200,
         responses=ERROR_RESPONSES,
 )
+@csrf_protect()
 async def list_payments(
         limit: int = Query(default=20, ge=1, le=100),
         offset: int = Query(default=0, ge=0),
@@ -275,6 +277,7 @@ async def list_payments(
         status_code=200,
         responses=ERROR_RESPONSES,
 )
+@csrf_protect()
 async def order_status(
         order_id: str,
         auth: AuthContext = Depends(require_access_token),
@@ -327,6 +330,7 @@ async def order_events(
         status_code=200,
         responses=ERROR_RESPONSES,
 )
+@csrf_protect()
 async def order_detail(
         order_id: str,
         auth: AuthContext = Depends(require_access_token),