Home > Software engineering >  CSRF invalid token for API call in Flask
CSRF invalid token for API call in Flask

Time:11-25

My objective is to build Rest API on Flask. When i send post JSON request to the server from Postman application http://127.0.0.1:5000/api/v1/posts/add/post, I get "The CSRF token is missing" Error.

Respective route is here:

@api.route('/posts/add/post', methods=['POST'])
def add_post():
  subject = request.json['subject']
  body = request.json['body']
  myPost = Post(subject=subject, body=body, category_id=1)
  db.session.add(myPost)
  db.session.commit()
  return post_schema.jsonify(myPost).data

I have looked at different examples and nobody mentions about CSRF for such requests, as usually its used for WTF s. Can you please advice, what am i doing wrong and fow to fix it?

CodePudding user response:

Based on this extract from the docs, is it possible you are protecting your app like this?

from flask_wtf.csrf import CSRFProtect

csrf = CSRFProtect(app)

Usually, you only need this for basic flask apps (docs):

from flask import Flask

app = Flask(__name__)

Page link:https//www.codepudding.com/Softwareengineering/622247.html

Prev:Elasticsearch: Is there a way to divide _count value from bucket within a sampler aggregation with p
Next:How to get a specific layout in a row of different elements containing pictures and text in CSS/HTML
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding