yagich/pyrom
1
0
Fork 0
Code Issues 1 Pull Requests Packages Projects Releases Wiki Activity

add csrf protection

Browse Source
This commit is contained in:
Lera Elvoé
2026-04-19 12:57:59 +03:00
parent 9682295dae
commit 0c2e920206
6 changed files with 77 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
app/routes/mod.py
View File

@@ -1,5 +1,5 @@
from flask import Blueprint, abort, redirect, url_for, request, render_template
from ..auth import is_logged_in, get_active_user
from ..auth import is_logged_in, get_active_user, csrf_verified
from ..models import Topics, Threads
bp = Blueprint('mod', __name__, url_prefix='/mod/')
@@ -81,13 +81,16 @@ def sticky_thread(thread_id):
return redirect(url_for('threads.thread', slug=thread.slug))
@bp.post('/users/<int:user_id>/make-guest/')
@csrf_verified
def make_user_guest(user_id):
return 'stub'
@bp.post('/users/<int:user_id>/make-user/')
@csrf_verified
def make_user_regular(user_id):
return 'stub'
@bp.post('/users/<int:user_id>/make-mod/')
@csrf_verified
def make_user_mod(user_id):
return 'stub'