fix csrf breaking proxies

author: Piotr Dobrowolski <admin@tastycode.pl> 2020-05-31 01:15:24 +0200
committer: Piotr Dobrowolski <admin@tastycode.pl> 2020-05-31 01:15:24 +0200
commit: b495cae6cd428fcba76895f3262457a78b7bb689 (patch)
tree: 4affd825ef63a6fe17939c6de55676144bbdb456
parent: 5c6938ae5af49676eef59d6f8f726292dffbab19 (diff)
download: sso-v2-b495cae6cd428fcba76895f3262457a78b7bb689.tar.gz
sso-v2-b495cae6cd428fcba76895f3262457a78b7bb689.tar.bz2
sso-v2-b495cae6cd428fcba76895f3262457a78b7bb689.tar.xz
sso-v2-b495cae6cd428fcba76895f3262457a78b7bb689.zip
1 files changed, 3 insertions, 0 deletions
diff --git a/sso/settings.py b/sso/settings.py
index dedb314..b7c3a7a 100644
--- a/sso/settings.py
+++ b/sso/settings.py
@@ -6,6 +6,9 @@ env.read_env()
 SQLALCHEMY_TRACK_MODIFICATIONS = False
 WTF_CSRF_CHECK_DEFAULT = False
 
+# This needs to be disabled when we use an additional proxy in front of our app
+WTF_CSRF_SSL_STRICT = env.bool("WTF_CSRF_SSL_STRICT", default=False)
+
 SECRET_KEY = env.str("SECRET_KEY", default="randomstring")
 
 db_username = env.str("DATABASE_USERNAME", default="postgres")
author	Piotr Dobrowolski <admin@tastycode.pl>	2020-05-31 01:15:24 +0200
committer	Piotr Dobrowolski <admin@tastycode.pl>	2020-05-31 01:15:24 +0200
commit	b495cae6cd428fcba76895f3262457a78b7bb689 (patch)
tree	4affd825ef63a6fe17939c6de55676144bbdb456
parent	5c6938ae5af49676eef59d6f8f726292dffbab19 (diff)
download	sso-v2-b495cae6cd428fcba76895f3262457a78b7bb689.tar.gz sso-v2-b495cae6cd428fcba76895f3262457a78b7bb689.tar.bz2 sso-v2-b495cae6cd428fcba76895f3262457a78b7bb689.tar.xz sso-v2-b495cae6cd428fcba76895f3262457a78b7bb689.zip