sh4nks wrote:
karloff010 wrote:
It seems that there is a general problem how sqlachemy handling 'csrf_token' in forum related operations
How come? CSRF tokens are entirely managed by Flask-WTF.
=============
Error message looks like sqlalchemy ... i face a lot of those in the past.
i've taken a look at the part where you pass it to sqlachlemy, looks like you pass along the whole wtf element which contains the csrf_token, too.
file:
flaskbb/management/forms.py
[...]
class EditForumForm(ForumForm):
id = HiddenField()
def __init__(self, forum, *args, **kwargs):
self.forum = forum
kwargs['obj'] = self.forum
ForumForm.__init__(self, *args, **kwargs)
def save(self):
data = self.data
# remove the button
data.pop('submit', None)
forum = Forum(**data)
# flush SQLA info from created instance so that it can be merged
make_transient(forum)
make_transient_to_detached(forum)
return forum.save()
[...]
maybe you just need to declare it in the models
It seems that there is a general problem how sqlachemy handling 'csrf_token' in forum related operations
yes git state from today - by the way maybe its a good idea to add a hint for git clone to install guide