I am trying to use csrf protection on my forms but I always get an error saying I am missing the csrf session token.
I dont know whats wrong with my code, maybe someone here can help me understand what I am doing wrong.
my code:
app = Flask(__name__)
csrf = CSRFProtect(app)
@app.route("/reserve", methods=["GET", "POST"])
def reserve():
if request.method == "GET" :
return render_template("reserve.html", csrf_token=generate_csrf())
<form id="Reserve" action="/reserve" method="post">
<!-- csrf protection -->
<input type="hidden" name="csrf_token" value="{{ csrf_token }}"/>
<input type="text" placeholder="Name">
<button type="submit">
Submit
</button>
</form>
I have tried using: <input type="hidden" name="csrf_token" value="{{ csrf_token() }}"/>
but it still wont work.