Adding csrf to templates.

author: Kalevi Yypänaho <kyypanah@local> 2023-11-27 20:35:57 +0200
committer: Kalevi Yypänaho <kyypanah@local> 2023-11-27 20:35:57 +0200
commit: d74aca91c689b54b7b49bbfa7121f458f4caf751 (patch)
tree: b13f1ffc7d6f5c816ac16147cc9b8703a17c69c7 /routes/tools.py
parent: d6c73dbde8a35905a8f29caf9b6d088043a5e78f (diff)
1 files changed, 6 insertions, 5 deletions
diff --git a/routes/tools.py b/routes/tools.py
index 3f831a9..c55ca74 100644
--- a/routes/tools.py
+++ b/routes/tools.py
@@ -1,5 +1,5 @@
 from random import randint
-from flask import session
+from flask import session, request
 import db_actions as D
 
 def rows2dicts( rows, names ):
@@ -38,9 +38,10 @@ def generate_link():
         str+=vocal[randint(0,len(vocal)-1)]
     return str
 
-def csrf_check( redir ):
+def csrf_check():
     if "csrf" not in session \
             or "csrf" not in request.form \
-            or session["csrf"]!=request.form["csrf"]:
-        session["alert"]="Istuntosi katkesi tai pyyntö toiselta sivulta!"
-        return redirect( redir )
+            or session["csrf"] != request.form["csrf"]:
+        session["alert"]="Istuntosi katkesi tai pyyntö on toiselta sivulta!"
+        return True
+    return False
author	Kalevi Yypänaho <kyypanah@local>	2023-11-27 20:35:57 +0200
committer	Kalevi Yypänaho <kyypanah@local>	2023-11-27 20:35:57 +0200
commit	d74aca91c689b54b7b49bbfa7121f458f4caf751 (patch)
tree	b13f1ffc7d6f5c816ac16147cc9b8703a17c69c7 /routes/tools.py
parent	d6c73dbde8a35905a8f29caf9b6d088043a5e78f (diff)