I have the following view which logins a user. I am using flask-wtforms for forms.
我有如下视图,它可以登录用户。我在用flask-wtforms表格。
def login(self, username, password):
return self.app.post('/users/login', data=dict(
email=username,
password=password
), follow_redirects=True)
I have already disabled CSRF in my configuration:
我已经在我的配置中禁用了CSRF:
class Config(object):
SECRET_KEY = .....
DEBUG = True
TESTING = True
CSRF_ENABLED = False
SQLALCHEMY_DATABASE_URI = .......
but I still get the error {'csrf_token': ['CSRF token missing']}in self.errors
但是,我仍然会在self。errors中得到错误{'csrf_token': ['CSRF token missing']}。
What is the problem here ?
这里有什么问题?
3 个解决方案
#1
#2
1
i have found solution in the latest document of flask-wtforms(the doc i read is too old) the config should be WTF_CSRF_ENABLED not CSRF_ENABLED
我已经在flask-wtforms的最新文档中找到了解决方案(我读取的文档太旧了),配置应该是WTF_CSRF_ENABLED,而不是CSRF_ENABLED。
#3
0
If you're using the latest version as of December 2015 (v0.12) then you should replace SECRET_KEY = ... with WTF_CSRF_SECRET_KEY = ...
如果您使用的是2015年12月的最新版本(v0.12),那么您应该替换SECRET_KEY =…与WTF_CSRF_SECRET_KEY =…
#1
4
Which version of FLask-WTF are you using?
你用的是哪个版本的FLask-WTF ?
Prior to version 0.9.0 you use CSRF_ENABLED. Source. Versions >= 0.9.0 use WTF_CSRF_ENABLED. Source.
在版本0.9.0之前,您使用的是CSRF_ENABLED。源。版本>= 0.9.0使用WTF_CSRF_ENABLED。源。
#2
1
i have found solution in the latest document of flask-wtforms(the doc i read is too old) the config should be WTF_CSRF_ENABLED not CSRF_ENABLED
我已经在flask-wtforms的最新文档中找到了解决方案(我读取的文档太旧了),配置应该是WTF_CSRF_ENABLED,而不是CSRF_ENABLED。
#3
0
If you're using the latest version as of December 2015 (v0.12) then you should replace SECRET_KEY = ... with WTF_CSRF_SECRET_KEY = ...
如果您使用的是2015年12月的最新版本(v0.12),那么您应该替换SECRET_KEY =…与WTF_CSRF_SECRET_KEY =…