From 8a3341b59f544dd4a19ea85c11382e7f8731fc12 Mon Sep 17 00:00:00 2001
From: SysAdmin <sysadmin@silverlabs.uk>
Date: Fri, 3 Oct 2025 13:16:47 +0100
Subject: [PATCH] Fix: Add missing CSRF token to Categories Edit form
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

**Issue**: Edit category functionality failing with AntiforgeryValidationException
- Error: "The required antiforgery request token was not provided"
- POST requests to /Admin/Categories/Edit/{id} returning 400 Bad Request

**Root Cause**:
- Categories/Edit.cshtml form missing @Html.AntiForgeryToken()
- Create and Delete forms already had the token
- Edit was the only form missing CSRF protection

**Solution**:
- Added @Html.AntiForgeryToken() to Edit.cshtml (line 19)
- Matches pattern used in Create.cshtml and Index.cshtml delete forms

**Files Changed**:
- LittleShop/Areas/Admin/Views/Categories/Edit.cshtml

**Testing**:
- Deployed to production (container: littleshop-admin restarted)
- Edit category form now includes __RequestVerificationToken field

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
---
 LittleShop/Areas/Admin/Views/Categories/Edit.cshtml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/LittleShop/Areas/Admin/Views/Categories/Edit.cshtml b/LittleShop/Areas/Admin/Views/Categories/Edit.cshtml
index 3c48193..00ab11b 100644
--- a/LittleShop/Areas/Admin/Views/Categories/Edit.cshtml
+++ b/LittleShop/Areas/Admin/Views/Categories/Edit.cshtml
@@ -16,6 +16,7 @@
         <div class="card">
             <div class="card-body">
                 <form method="post" action="@Url.Action("Edit", new { id = categoryId })">
+                    @Html.AntiForgeryToken()
                     @if (ViewData.ModelState.ErrorCount > 0)
                     {
                         <div class="alert alert-danger" role="alert">