当前位置: 首页>>代码示例>>Python>>正文


Python csrf.CSRFError方法代码示例

本文整理汇总了Python中flask_wtf.csrf.CSRFError方法的典型用法代码示例。如果您正苦于以下问题:Python csrf.CSRFError方法的具体用法?Python csrf.CSRFError怎么用?Python csrf.CSRFError使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在flask_wtf.csrf的用法示例。


在下文中一共展示了csrf.CSRFError方法的3个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。

示例1: test_csrf_returns_400

# 需要导入模块: from flask_wtf import csrf [as 别名]
# 或者: from flask_wtf.csrf import CSRFError [as 别名]
def test_csrf_returns_400(logged_in_client, mocker):
    # we turn off CSRF handling for tests, so fake a CSRF response here.
    csrf_err = CSRFError('400 Bad Request: The CSRF tokens do not match.')
    mocker.patch('app.main.views.index.render_template', side_effect=csrf_err)

    response = logged_in_client.get('/cookies')

    assert response.status_code == 400
    page = BeautifulSoup(response.data.decode('utf-8'), 'html.parser')
    assert page.h1.string.strip() == 'Sorry, there’s a problem with GOV.UK Notify'
    assert page.title.string.strip() == 'Sorry, there’s a problem with the service – GOV.UK Notify' 
开发者ID:alphagov,项目名称:notifications-admin,代码行数:13,代码来源:test_errorhandlers.py

示例2: test_csrf_redirects_to_sign_in_page_if_not_signed_in

# 需要导入模块: from flask_wtf import csrf [as 别名]
# 或者: from flask_wtf.csrf import CSRFError [as 别名]
def test_csrf_redirects_to_sign_in_page_if_not_signed_in(client, mocker):
    csrf_err = CSRFError('400 Bad Request: The CSRF tokens do not match.')
    mocker.patch('app.main.views.index.render_template', side_effect=csrf_err)

    response = client.get('/cookies')

    assert response.status_code == 302
    assert response.location == url_for('main.sign_in', next='/cookies', _external=True) 
开发者ID:alphagov,项目名称:notifications-admin,代码行数:10,代码来源:test_errorhandlers.py

示例3: unauth_csrf

# 需要导入模块: from flask_wtf import csrf [as 别名]
# 或者: from flask_wtf.csrf import CSRFError [as 别名]
def unauth_csrf(fall_through=False):
    """Decorator for endpoints that don't need authentication
    but do want CSRF checks (available via Header rather than just form).
    This is required when setting *WTF_CSRF_CHECK_DEFAULT* = **False** since in that
    case, without this decorator, the form validation will attempt to do the CSRF
    check, and that will fail since the csrf-token is in the header (for pure JSON
    requests).

    This decorator does nothing unless Flask-WTF::CSRFProtect has been initialized.

    This decorator does nothing if *WTF_CSRF_ENABLED* == **False**.

    This decorator will always require CSRF if the caller is authenticated.

    This decorator will suppress CSRF if caller isn't authenticated and has set the
    *SECURITY_CSRF_IGNORE_UNAUTH_ENDPOINTS* config variable.

    :param fall_through: if set to True, then if CSRF fails here - simply keep going.
        This is appropriate if underlying view is form based and once the form is
        instantiated, the csrf_token will be available.
        Note that this can mask some errors such as 'The CSRF session token is missing.'
        meaning that the caller didn't send a session cookie and instead the caller
        might get a 'The CSRF token is missing.' error.

    .. versionadded:: 3.3.0
    """

    def wrapper(fn):
        @wraps(fn)
        def decorated(*args, **kwargs):
            if not current_app.config.get(
                "WTF_CSRF_ENABLED", False
            ) or not current_app.extensions.get("csrf", None):
                return fn(*args, **kwargs)

            if (
                config_value("CSRF_IGNORE_UNAUTH_ENDPOINTS")
                and not current_user.is_authenticated
            ):
                _request_ctx_stack.top.fs_ignore_csrf = True
            else:
                try:
                    _csrf.protect()
                except CSRFError:
                    if not fall_through:
                        raise

            return fn(*args, **kwargs)

        return decorated

    return wrapper 
开发者ID:Flask-Middleware,项目名称:flask-security,代码行数:54,代码来源:decorators.py


注:本文中的flask_wtf.csrf.CSRFError方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。