From 58afb5203845d5758ecb264b79811d64dd5d726a Mon Sep 17 00:00:00 2001 From: Jon Stutters Date: Tue, 28 Jul 2015 13:20:57 +0100 Subject: [PATCH] Flask-WTF now uses WTF_CSRF_ENABLED and WTF_CSRF_SECRET_KEY. --- Large-app-how-to.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/Large-app-how-to.md b/Large-app-how-to.md index fb87061..2caaf2e 100644 --- a/Large-app-how-to.md +++ b/Large-app-how-to.md @@ -111,8 +111,8 @@ We'll create 4 modules, a user module (manage user's registration, login, lost p THREADS_PER_PAGE = 8 - CSRF_ENABLED = True - CSRF_SESSION_KEY = "somethingimpossibletoguess" + WTF_CSRF_ENABLED = True + WTF_CSRF_SECRET_KEY = "somethingimpossibletoguess" RECAPTCHA_USE_SSL = False RECAPTCHA_PUBLIC_KEY = '6LeYIbsSAAAAACRPIllxA7wvXjIE411PfdB2gt2J' @@ -126,7 +126,7 @@ We'll create 4 modules, a user module (manage user's registration, login, lost p * `ADMINS` will be used if you need to email information to the site administrators. * `SQLALCHEMY_DATABASE_URI` and `DATABASE_CONNECT_OPTIONS` are SQLAlchemy connection options (hard to guess) * `THREADS_PER_PAGE` my understanding was 2/core... might be wrong :) -* `CSRF_ENABLED` and `CSRF_SESSION_KEY` are protecting against form post fraud +* `WTF_CSRF_ENABLED` and `WTF_CSRF_SECRET_KEY` are protecting against form post fraud * `RECAPTCHA_*` WTForms comes with a `RecaptchaField` ready to use... just need to go to recaptcha website and get your public and private key. ## First module