def load_session_from_cookie(request): secret = current_app.config.get("session_secret") if secret: session_name = current_app.config.get("session_cookie_name") or "session" local.session = SecureCookie.load_cookie(request, session_name, secret_key=secret) request._flash = local.session.pop("_flash", {}) csrf_token() # all session should have csrf token else: local.session = {} local.session["_flash"] = {}
def _post_js(): from raginei.ext.csrf import csrf_token return ''.join([ "var f = document.createElement('form'); f.style.display = 'none';" "this.parentNode.appendChild(f); f.method = 'post'; f.action = this.href;", "var m = document.createElement('input'); m.setAttribute('type', 'hidden');", "m.setAttribute('name', '_csrf'); m.setAttribute('value', '%s'); f.appendChild(m);" % ( csrf_token(),), "f.submit();", ])