Python Forum
Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
The CSRF session token is missing.
#1
Hi everyone!

I have the following error message: The CSRF session token is missing.

I have everything completed in the documentation for an Ajax post request with the following fetch request:

fetch("http://127.0.0.1:5000/user/login", {
method: 'POST',
headers: {
'Accept': 'application/json',
'X-CSRFToken': this.state.csrf,              
},
credentials: "include",
body: JSON.stringify({email: email, password: password}),          
})
I also have debugged this.state.csrf and it does have the string that was generated by another endpoint I created:

app.route("/secret", methods=["GET"])

def secret():

return render_template("csrf.payload")

csrf payload has: {{ csrf_token() }}
I think it may be two problems: maybe my flask app is requiring secure connection; or maybe my flask app is deleting my session data because of size of csrf token? This is after extensive googling.

Ofcourse my __init__.py has

csrf = CSRFProtect()
csrf.init_app(app)
Please help solve this error; I don't know why my session csrf token is missing :(
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  passing token to requests alejandroot 4 3,078 Mar-12-2021, 04:49 PM
Last Post: alejandroot
Photo [Solved] How do I position 'token' in JavaScript in search box? cheers100 1 1,865 Nov-21-2020, 01:23 PM
Last Post: cheers100
  Getting csrf token to log in spartanvfl 4 24,161 Aug-08-2019, 08:19 PM
Last Post: NSearch
  Token and auth-token hshivaraj 1 2,829 Jul-26-2019, 07:40 AM
Last Post: fishhook
  Missing cookies in session with requests sechot 0 6,249 Oct-22-2017, 12:09 PM
Last Post: sechot

Forum Jump:

User Panel Messages

Announcements
Announcement #1 8/1/2020
Announcement #2 8/2/2020
Announcement #3 8/6/2020