Hi everyone!
I have the following error message: The CSRF session token is missing.
I have everything completed in the documentation for an Ajax post request with the following fetch request:
Ofcourse my __init__.py has
I have the following error message: The CSRF session token is missing.
I have everything completed in the documentation for an Ajax post request with the following fetch request:
fetch("http://127.0.0.1:5000/user/login", { method: 'POST', headers: { 'Accept': 'application/json', 'X-CSRFToken': this.state.csrf, }, credentials: "include", body: JSON.stringify({email: email, password: password}), })I also have debugged this.state.csrf and it does have the string that was generated by another endpoint I created:
app.route("/secret", methods=["GET"]) def secret(): return render_template("csrf.payload") csrf payload has: {{ csrf_token() }}I think it may be two problems: maybe my flask app is requiring secure connection; or maybe my flask app is deleting my session data because of size of csrf token? This is after extensive googling.
Ofcourse my __init__.py has
csrf = CSRFProtect() csrf.init_app(app)Please help solve this error; I don't know why my session csrf token is missing :(