Disable csrf where user is not logged in; Show CSRF errors in forms.

author: Marian Sigler <m@qjym.de> 2012-09-28 03:12:52 +0200
committer: Marian Sigler <m@qjym.de> 2012-09-28 03:16:12 +0200
commit: 2676e1d7130160673c408987c4aeef83f9f57b6d (patch)
tree: 73937f3ae6d5d4f70157b213bdad9c65545200bc /templates/_macros.html
parent: a9b2f0624d5f9095747e9c2a8518199375c5e815 (diff)
download: web-2676e1d7130160673c408987c4aeef83f9f57b6d.tar.gz
web-2676e1d7130160673c408987c4aeef83f9f57b6d.tar.bz2
web-2676e1d7130160673c408987c4aeef83f9f57b6d.zip
1 files changed, 11 insertions, 0 deletions
diff --git a/templates/_macros.html b/templates/_macros.html
index 265584f..1608c1f 100644
--- a/templates/_macros.html
+++ b/templates/_macros.html
@@ -8,6 +8,17 @@
 </div>
 {%- endmacro %}
 
+{% macro render_csrf(form) %}
+{{ form.csrf_token }}
+{%- if 'csrf_token' in form.errors %}
+<div class="control-group">
+  <div class="controls">
+    {{ render_errors(form.errors.csrf_token) }}
+  </div>
+</div>
+{%- endif %}
+{%- endmacro %}
+
 {% macro render_errors(errors) %}
   {%- if errors|length == 1 %}
   <div class="errors">
author	Marian Sigler <m@qjym.de>	2012-09-28 03:12:52 +0200
committer	Marian Sigler <m@qjym.de>	2012-09-28 03:16:12 +0200
commit	2676e1d7130160673c408987c4aeef83f9f57b6d (patch)
tree	73937f3ae6d5d4f70157b213bdad9c65545200bc /templates/_macros.html
parent	a9b2f0624d5f9095747e9c2a8518199375c5e815 (diff)
download	web-2676e1d7130160673c408987c4aeef83f9f57b6d.tar.gz web-2676e1d7130160673c408987c4aeef83f9f57b6d.tar.bz2 web-2676e1d7130160673c408987c4aeef83f9f57b6d.zip