Skip to content

Commit fcff27c

Browse files
rafaelhenriquerafaelhenrique
committed
Implements CSRF verification
1 parent 70a27c1 commit fcff27c

File tree

3 files changed

+6
-1
lines changed

3 files changed

+6
-1
lines changed

tvseries/__init__.py

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
from flask import Flask
22

33
from tvseries import config
4-
from tvseries.ext import db
4+
from tvseries.ext import db, csrf
55
from tvseries.core import core_blueprint
66

77

@@ -10,4 +10,5 @@ def create_app(config=config.ProductionConfig):
1010
app.config.from_object(config)
1111
app.register_blueprint(core_blueprint, url_prefix='/')
1212
db.init_app(app)
13+
csrf.init_app(app)
1314
return app

tvseries/config.py

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -11,6 +11,7 @@ class BaseConfig(object):
1111
SQLALCHEMY_TRACK_MODIFICATIONS = True
1212
COLLECT_STATIC_ROOT = os.path.join(BASE_DIR, "static")
1313
COLLECT_STORAGE = 'flask_collect.storage.file'
14+
WTF_CSRF_ENABLED = True
1415
DEBUG = False
1516
TESTING = False
1617

@@ -22,6 +23,7 @@ class DevelopmentConfig(BaseConfig):
2223
class TestConfig(BaseConfig):
2324
SQLALCHEMY_DATABASE_URI = 'sqlite:///tvseries-test.sqlite3'
2425
TESTING = True
26+
WTF_CSRF_ENABLED = False
2527

2628

2729
class ProductionConfig(BaseConfig):

tvseries/ext.py

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,5 @@
11
from flask_sqlalchemy import SQLAlchemy
2+
from flask_wtf.csrf import CsrfProtect
23

34
db = SQLAlchemy()
5+
csrf = CsrfProtect()

0 commit comments

Comments
 (0)