Skip to content

Instantly share code, notes, and snippets.

@frostming

frostming/api.js

Last active Mar 5, 2020
Star
Embed
What would you like to do?
Learn more about clone URLs
Download ZIP
Flask WTF cookie based CSRF
Raw
api.js
// npm i js-cookie --save
import axios from 'axios'
import Cookies from 'js-cookie'
const api = axios.create({
headers: {
'Content-Type': 'application/json',
'X-CSRF-TOKEN': Cookies.get('csrf_token')
})
Raw
app.py
from flask import Flask, request
from flask_wtf import CSRFProtect, generate_csrf
app = Flask(__name__)
CSRFProtect(app)
@app.after_request
def inject_csrf_token(response):
response.set_cookie('csrf_token', generate_csrf())
return response
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment