烧瓶错误 CSRF 令牌丢失
flask error CSRF token is missing
我试图通过扩展名为 flask-retful 的 post 方法禁用一些请求,在文档中它告诉我如何禁用 csrt 但它不起作用,这些是我的文件
/app.py
from flask import Flask
from models.model import db
from Views.View import view
from api import restApi
from api import _csrfProtect
application = Flask(__name__)
application.config.from_object('config.developement')
#application.register_blueprint(view)
restApi.init_app(application)
_csrfProtect.init_app(application)
db.init_app(application)
/config/configuration.py
class developement(object):
DEBUG = True
SQLALCHEMY_DATABASE_URI = 'mysql:........'
SQLALCHEMY_TRACK_MODIFICATIONS = False
#SECRET_KEY = 'misecret'
WTF_CSRF_SECRET_KEY='secretKey'
#WTF_CSRF_CHECK_DEFAULT=False
WTF_CSRF_ENABLED = True
/forms/forms.py
from flask_wtf import FlaskForm,Form
from wtforms import StringField
class NewUser(FlaskForm):
name = StringField('name')
surname = StringField('surname')
email = StringField('email')
class Meta:
csrf=False
/api/api.py
from flask import jsonify,request
from .csrfProtect import _csrfProtect
from sqlalchemy.exc import IntegrityError
from models.model import db,Student
from forms import NewUser
from flask_restful import Resource,Api
restApi = Api()
class AddUser(Resource):
method_decorators = [_csrfProtect.exempt]
def post(self):
form = NewUser(request.POST)
if form.validate():
return jsonify(data='success')
else:
return jsonify(error=form.errors)
restApi.add_resource(AddDataUser,'/updatedata')
restApi.add_resource(AddUser,'/newuser')
/api/csrfProtect.py
from flask_wtf import CSRFProtect
_csrfProtect = CSRFProtect()
所有请求都是一样的
{
"message": "The CSRF token is missing."
}
并用于停用 csrf
class Meta:
csrf=False
和
method_decorators = [_csrfProtect.exempt]
根据我找到的所有文档,我已经尝试了他所说的一切但没有任何结果,csrf 始终处于活动状态。
我已通过将视图或蓝图标记为不受 CSRF 保护来解决此问题。
app = Flask(__name__)
csrf = CSRFProtect(app)
@app.route('/some-view', methods=['POST'])
@csrf.exempt
def some_view():
...
bp = Blueprint(...)
csrf.exempt(bp)
我试图通过扩展名为 flask-retful 的 post 方法禁用一些请求,在文档中它告诉我如何禁用 csrt 但它不起作用,这些是我的文件
/app.py
from flask import Flask
from models.model import db
from Views.View import view
from api import restApi
from api import _csrfProtect
application = Flask(__name__)
application.config.from_object('config.developement')
#application.register_blueprint(view)
restApi.init_app(application)
_csrfProtect.init_app(application)
db.init_app(application)
/config/configuration.py
class developement(object):
DEBUG = True
SQLALCHEMY_DATABASE_URI = 'mysql:........'
SQLALCHEMY_TRACK_MODIFICATIONS = False
#SECRET_KEY = 'misecret'
WTF_CSRF_SECRET_KEY='secretKey'
#WTF_CSRF_CHECK_DEFAULT=False
WTF_CSRF_ENABLED = True
/forms/forms.py
from flask_wtf import FlaskForm,Form
from wtforms import StringField
class NewUser(FlaskForm):
name = StringField('name')
surname = StringField('surname')
email = StringField('email')
class Meta:
csrf=False
/api/api.py
from flask import jsonify,request
from .csrfProtect import _csrfProtect
from sqlalchemy.exc import IntegrityError
from models.model import db,Student
from forms import NewUser
from flask_restful import Resource,Api
restApi = Api()
class AddUser(Resource):
method_decorators = [_csrfProtect.exempt]
def post(self):
form = NewUser(request.POST)
if form.validate():
return jsonify(data='success')
else:
return jsonify(error=form.errors)
restApi.add_resource(AddDataUser,'/updatedata')
restApi.add_resource(AddUser,'/newuser')
/api/csrfProtect.py
from flask_wtf import CSRFProtect
_csrfProtect = CSRFProtect()
所有请求都是一样的
{
"message": "The CSRF token is missing."
}
并用于停用 csrf
class Meta:
csrf=False
和
method_decorators = [_csrfProtect.exempt]
根据我找到的所有文档,我已经尝试了他所说的一切但没有任何结果,csrf 始终处于活动状态。
我已通过将视图或蓝图标记为不受 CSRF 保护来解决此问题。
app = Flask(__name__)
csrf = CSRFProtect(app)
@app.route('/some-view', methods=['POST'])
@csrf.exempt
def some_view():
...
bp = Blueprint(...)
csrf.exempt(bp)