Can't add exempt for Blueprints #134
Comments
|
Not sure whether you're still having an issue with this, but if you are, please provide a code sample. Generally speaking, you should be able to wrap a Blueprint's route function with from flask import Flask
from flask import Blueprint
from flask_seasurf import SeaSurf
app = Flask(__name__)
app.secret_key = "super secret key"
csrf = SeaSurf(app)
custom_blueprint = Blueprint('custom', __name__, url_prefix='/custom')
@csrf.exempt
@custom_blueprint.route('/exempt', methods=['POST'])
def exempt_route():
return "This route is exempt from CSRF"
@custom_blueprint.route('/nonexempt', methods=['POST'])
def non_exempt_route():
return "This route is not exempt from CSRF"
app.register_blueprint(custom_blueprint)However depending on how you have you file structure set up, you might need to do something different. If you can provide some details on your specific problem (code examples), then I might be able to help further. |
|
I actually am running into the same issue, where I can't use the # my_module/blueprint.py
from flask import Blueprint
bp = Blueprint('my_blueprint', __name__)
@bp.post("/test-blueprint-route")
@bp.csrf.exempt # <-- This throws an error
def post_test_blueprint_route():
return { "success": True }# app.py
import Flask
from flask_seasurf import SeaSurf
from my_module.blueprint import bp
app = Flask(__name__)
app.secret_key = "super-secret-key"
app.csrf = SeaSurf(app)
app.register_blueprint(bp, url_prefix="/api")
@app.post("/test-route")
@app.csrf.exempt # <-- This does NOT throw an error
def post_test_route():
return { "success": True }The error I get is: Based on your above example it works because the |
1 similar comment
|
I actually am running into the same issue, where I can't use the # my_module/blueprint.py
from flask import Blueprint
bp = Blueprint('my_blueprint', __name__)
@bp.post("/test-blueprint-route")
@bp.csrf.exempt # <-- This throws an error
def post_test_blueprint_route():
return { "success": True }# app.py
import Flask
from flask_seasurf import SeaSurf
from my_module.blueprint import bp
app = Flask(__name__)
app.secret_key = "super-secret-key"
app.csrf = SeaSurf(app)
app.register_blueprint(bp, url_prefix="/api")
@app.post("/test-route")
@app.csrf.exempt # <-- This does NOT throw an error
def post_test_route():
return { "success": True }The error I get is: Based on your above example it works because the |
Anyone got a hint how to add a Blueprint's route to the _exempt_views set?
Something like
csrf._exempt_views.add("bp_user.someroute")Importing the root @csrf.exempt decorator in the Blueprint doesn't seem to work either
The text was updated successfully, but these errors were encountered: