fix csrf breaking proxies

2020-05-31 01:15:24 +02:00 · 2020-05-31 01:15:24 +02:00 · b495cae6cd
parent 5c6938ae5a
commit b495cae6cd
1 changed files with 3 additions and 0 deletions
--- a/sso/settings.py
+++ b/sso/settings.py
@ -6,6 +6,9 @@ env.read_env()
 SQLALCHEMY_TRACK_MODIFICATIONS = False
 WTF_CSRF_CHECK_DEFAULT = False

+# This needs to be disabled when we use an additional proxy in front of our app
+WTF_CSRF_SSL_STRICT = env.bool("WTF_CSRF_SSL_STRICT", default=False)
+
 SECRET_KEY = env.str("SECRET_KEY", default="randomstring")

 db_username = env.str("DATABASE_USERNAME", default="postgres")