How to exempt csrf token in flask application factory

Asked Jun 07 '20 at 10:49

Active Jun 07 '20 at 10:49

Viewed 572 times

I am using flask's application factory and I am trying to exempt a route. If I put csrf.exempt(team_routes.team_bp) it works, but I only need to exempt the team_bp.stat route. I have tried csrf.exempt(team_routes.team_bp.team_stats)

csrf = CSRFProtect()

def create_app()
    ....
    csrf.init_app(app)
    with app.app_context():
        app.register_blueprint(team_route.team_bp)

my team_route.py file

 team_bp = Blueprint()

 @team_route.route('/stat/')
 @current_app.csrf.exempt
 def team_stats():

When adding @current_app.csrf.exempt in the route I get the following error Flask object has no attribute csrf. If I add the csrf_token() to the form and submit it works. But I want to have the stat route exempt

asked Jun 07 '20 at 10:49

user3525290

1,557
2
20
47

Me too! I am having the same issue converting from simple flask to Factory. It was working fine as @csrf.exempt with simple start so there is something up with factory pattern. – Bill Jul 11 '20 at 23:16
Yes the application factory seems to be the issue. Haven't found a solution but if I do I will post here. I just added the token to all. Not a huge issue but not idea either. – user3525290 Jul 13 '20 at 20:15

How to exempt csrf token in flask application factory

0 Answers0