Skip to content

Instantly share code, notes, and snippets.

@frostming
Last active March 22, 2023 14:18
Show Gist options
  • Star 4 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save frostming/dbb514c8ae1e9363039e9df537988812 to your computer and use it in GitHub Desktop.
Save frostming/dbb514c8ae1e9363039e9df537988812 to your computer and use it in GitHub Desktop.
Flask WTF cookie based CSRF
// npm i js-cookie --save
import axios from 'axios'
import Cookies from 'js-cookie'
const api = axios.create({
headers: {
'Content-Type': 'application/json',
'X-CSRF-TOKEN': Cookies.get('csrf_token')
})
from flask import Flask, request
from flask_wtf import CSRFProtect, generate_csrf
app = Flask(__name__)
CSRFProtect(app)
@app.after_request
def inject_csrf_token(response):
response.set_cookie('csrf_token', generate_csrf())
return response
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment