Adding Flask-SeaSurf module for CSRF protection.

2025-06-15 04:26:05 +00:00 · 2018-11-21 10:24:33 +07:00
parent ea53ae340f
commit 5f049debe5
25 changed files with 93 additions and 77 deletions
--- a/app/templates/login.html
+++ b/app/templates/login.html
@ -32,6 +32,7 @@
      </div>
  {% endif %}
      <form action="" method="post" data-toggle="validator">
+      <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
      <div class="form-group">
        <input type="text" class="form-control" placeholder="Username" name="username" data-error="Please input your username" required {% if username %}value="{{ username }}"{% endif %}>
        <span class="help-block with-errors"></span>