Redirect to login page when CSRF error occurs

2018-10-16 17:23:09 -04:00
parent e7b437dc56
commit c7d5015942
3 changed files with 27 additions and 1 deletions
--- a/atst/routes/errors.py
+++ b/atst/routes/errors.py
@@ -1,4 +1,5 @@
-from flask import render_template, current_app
+from flask import render_template, current_app, url_for, redirect, request
+from flask_wtf.csrf import CSRFError
 import werkzeug.exceptions as werkzeug_exceptions

 import atst.domain.exceptions as exceptions
@@ -23,6 +24,11 @@ def make_error_pages(app):
        log_error(e)
        return render_template("error.html", message="Log in Failed"), 401

+    @app.errorhandler(CSRFError)
+    def session_expired(e):
+        log_error(e)
+        return redirect(url_for("atst.root", sessionExpired=True, next=request.path))
+
    @app.errorhandler(Exception)
    # pylint: disable=unused-variable
    def exception(e):