Skip to content
All gists
Back to GitHub
Sign in
Sign up
Sign in
Sign up
{{ message }}
Instantly share code, notes, and snippets.
frostming
/
api.js
Last active
Mar 5, 2020
Star
0
Fork
0
Star
Code
Revisions
3
Embed
What would you like to do?
Embed
Embed this gist in your website.
Share
Copy sharable link for this gist.
Clone via HTTPS
Clone with Git or checkout with SVN using the repository’s web address.
Learn more about clone URLs
Download ZIP
Flask WTF cookie based CSRF
Raw
api.js
// npm i js-cookie --save
import
axios
from
'axios'
import
Cookies
from
'js-cookie'
const
api
=
axios
.
create
(
{
headers
:
{
'Content-Type'
:
'application/json'
,
'X-CSRF-TOKEN'
:
Cookies
.
get
(
'csrf_token'
)
}
)
Raw
app.py
from
flask
import
Flask
,
request
from
flask_wtf
import
CSRFProtect
,
generate_csrf
app
=
Flask
(
__name__
)
CSRFProtect
(
app
)
@
app
.
after_request
def
inject_csrf_token
(
response
):
response
.
set_cookie
(
'csrf_token'
,
generate_csrf
())
return
response
Sign up for free
to join this conversation on GitHub
. Already have an account?
Sign in to comment
You can’t perform that action at this time.
You signed in with another tab or window.
Reload
to refresh your session.
You signed out in another tab or window.
Reload
to refresh your session.