flask-xsrf

Release 1.0.2

flask extension for defending against cross-site request forgery attacks (xsrf/csrf), by protecting flask endpoints with uniquely generated tokens for each request.

Homepage Repository PyPI Python

License
MIT
Install
pip install flask-xsrf==1.0.2

Documentation

flask-xsrf

flask extension for defending against cross-site request forgery attacks (xsrf/csrf)


BUILD-STATUS

branch build
master travis-ci build-status: master
develop travis-ci build-status: develop

LINKS

GETTING STARTED

install with pip:

$ pip install flask-xsrf

FEATURES

  • [TODO]

EXAMPLE USAGE

from flask import Flask, Response, session
app = Flask(__name__)
app.debug = True
app.secret_key = 'session_secret_key'
app.config['session_cookie_secure'] = True
app.config['remember_cookie_name'] = 'testdomain.com'
app.config['remember_cookie_duration_in_days'] = 1

@app.before_request
def before_request():
  if 'user_id' not in session:
    session['user_id'] = 'random_generated_anonymous_id'

def get_user_id():
  return session.get('user_id')

xsrfh = xsrf.XSRFTokenHandler(
  user_func=get_user_id, secret='xsrf_secret', timeout=3600)

@app.route('/test', methods=['GET'])
@xsrfh.send_token()
def test_get():
  return Response('success')

@app.route('/test', methods=['POST'])
@xsrfh.handle_token()
def test_post():
  return Response('success')

Stats

Dependencies
0
Dependent packages
0
Dependent repositories
0
Total releases
3
Latest release
First release
Stars
13
Forks
5
Watchers
1
Contributors
3
Repository size
25.4 KB
SourceRank
9

Development practices

Source repo 2FA enabled
TEXT!
Package manager 2FA enabled
TEXT!
Is security responsive
TEXT!
Dependencies are managed
TEXT!
Issue-free release available
TEXT!
Succession plan available
TEXT!
Package manager 2FA enabled
TEXT!

The Tidelift Subscription provides access to a continuously curated stream of human-researched and maintainer-verified data on open source packages and their licenses, releases, vulnerabilities, and development practices.

Learn more

Releases

1.0.2
1.0.1
1.0.0

Contributors

gregory nicholas Heston Liebowitz Ricardo Velhote


See all contributors

Something wrong with this page? Make a suggestion

Export .ABOUT file for this package

Last synced: 2021-12-15 14:22:17 UTC

Login to resync this project