26 lines
700 B
Python
26 lines
700 B
Python
|
from flask import request, flash, redirect, url_for
|
||
|
from flask_wtf.csrf import CSRFProtect, validate_csrf, ValidationError
|
||
|
from functools import wraps
|
||
|
|
||
|
csrf = CSRFProtect()
|
||
|
|
||
|
|
||
|
def get_csrf_check_required(redirect_to):
|
||
|
def wrapper(f):
|
||
|
@wraps(f)
|
||
|
def decorated_function(*args, **kwargs):
|
||
|
if not check_csrf_get():
|
||
|
flash('CSRF-Check fehlgeschlagen!', 'danger')
|
||
|
return redirect(url_for(redirect_to))
|
||
|
return f(*args, **kwargs)
|
||
|
return decorated_function
|
||
|
return wrapper
|
||
|
|
||
|
|
||
|
def check_csrf_get():
|
||
|
try:
|
||
|
validate_csrf(request.args.get('csrf_token'))
|
||
|
except ValidationError:
|
||
|
return False
|
||
|
return True
|