config/config.default.jsapp/routers.js config/config.default.jsconfig.security = { csrf: { enable:false } } app/routers.jsrouter.post('/login', controller.login.index);