diff options
| author | Jocelyn Delalande <jocelyn@crapouillou.net> | 2017-03-29 14:32:43 +0200 |
|---|---|---|
| committer | Jocelyn Delalande <jocelyn@crapouillou.net> | 2017-03-29 14:32:43 +0200 |
| commit | c7f4547d5d99c3ba5aed594304d050c81d33ab97 (patch) | |
| tree | 588531de808a1bd3535963f79b7b22e513890f0d | |
| parent | 7380b6f9f71c1ab3da905d8795a50f0aeb418950 (diff) | |
| download | ihatemoney-mirror-c7f4547d5d99c3ba5aed594304d050c81d33ab97.zip ihatemoney-mirror-c7f4547d5d99c3ba5aed594304d050c81d33ab97.tar.gz ihatemoney-mirror-c7f4547d5d99c3ba5aed594304d050c81d33ab97.tar.bz2 | |
Use non-deprecated way to disable CSRF for API
See also https://github.com/lepture/flask-wtf/pull/287
| -rw-r--r-- | budget/api.py | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/budget/api.py b/budget/api.py index ec664b6..4b991bd 100644 --- a/budget/api.py +++ b/budget/api.py @@ -29,7 +29,7 @@ def check_project(*args, **kwargs): class ProjectHandler(object): def add(self): - form = ProjectForm(csrf_enabled=False) + form = ProjectForm(meta={'csrf': False}) if form.validate(): project = form.save() db.session.add(project) @@ -49,7 +49,7 @@ class ProjectHandler(object): @need_auth(check_project, "project") def update(self, project): - form = EditProjectForm(csrf_enabled=False) + form = EditProjectForm(meta={'csrf': False}) if form.validate(): form.update(project) db.session.commit() @@ -69,7 +69,7 @@ class MemberHandler(object): return 200, project.members def add(self, project): - form = MemberForm(project, csrf_enabled=False) + form = MemberForm(project, meta={'csrf': False}) if form.validate(): member = Person() form.save(project, member) @@ -78,7 +78,7 @@ class MemberHandler(object): return 400, form.errors def update(self, project, member_id): - form = MemberForm(project, csrf_enabled=False) + form = MemberForm(project, meta={'csrf': False}) if form.validate(): member = Person.query.get(member_id, project) form.save(project, member) @@ -104,7 +104,7 @@ class BillHandler(object): return project.get_bills().all() def add(self, project): - form = get_billform_for(project, True, csrf_enabled=False) + form = get_billform_for(project, True, meta={'csrf': False}) if form.validate(): bill = Bill() form.save(bill, project) @@ -114,7 +114,7 @@ class BillHandler(object): return 400, form.errors def update(self, project, bill_id): - form = get_billform_for(project, True, csrf_enabled=False) + form = get_billform_for(project, True, meta={'csrf': False}) if form.validate(): bill = Bill.query.get(project, bill_id) form.save(bill, project) |