diff options
author | Marian Sigler <m@qjym.de> | 2012-09-28 03:12:52 +0200 |
---|---|---|
committer | Marian Sigler <m@qjym.de> | 2012-09-28 03:16:12 +0200 |
commit | 2676e1d7130160673c408987c4aeef83f9f57b6d (patch) | |
tree | 73937f3ae6d5d4f70157b213bdad9c65545200bc /templates/_macros.html | |
parent | a9b2f0624d5f9095747e9c2a8518199375c5e815 (diff) | |
download | web-2676e1d7130160673c408987c4aeef83f9f57b6d.tar.gz web-2676e1d7130160673c408987c4aeef83f9f57b6d.tar.bz2 web-2676e1d7130160673c408987c4aeef83f9f57b6d.zip |
Disable csrf where user is not logged in; Show CSRF errors in forms.
Diffstat (limited to 'templates/_macros.html')
-rw-r--r-- | templates/_macros.html | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/templates/_macros.html b/templates/_macros.html index 265584f..1608c1f 100644 --- a/templates/_macros.html +++ b/templates/_macros.html @@ -8,6 +8,17 @@ </div> {%- endmacro %} +{% macro render_csrf(form) %} +{{ form.csrf_token }} +{%- if 'csrf_token' in form.errors %} +<div class="control-group"> + <div class="controls"> + {{ render_errors(form.errors.csrf_token) }} + </div> +</div> +{%- endif %} +{%- endmacro %} + {% macro render_errors(errors) %} {%- if errors|length == 1 %} <div class="errors"> |