add csrftoken api route

This commit is contained in:
Bui 2020-03-17 04:03:10 +00:00
parent 96b1ba4b04
commit 841e9d37d1
2 changed files with 10 additions and 2 deletions

6
app.py
View File

@ -112,7 +112,6 @@ def get_config():
config_out['assets_baseurl'] = ''.join([request.host_url, 'assets']) + '/' config_out['assets_baseurl'] = ''.join([request.host_url, 'assets']) + '/'
config_out['_version'] = get_version() config_out['_version'] = get_version()
config_out['_csrf_token'] = generate_csrf()
return config_out return config_out
@ -138,6 +137,11 @@ def route_index():
return render_template('index.html', version=version, config=get_config()) return render_template('index.html', version=version, config=get_config())
@app.route('/api/csrftoken')
def route_csrftoken():
return jsonify({'status': 'ok', 'token': generate_csrf()})
@app.route('/admin') @app.route('/admin')
@admin_required(level=50) @admin_required(level=50)
def route_admin(): def route_admin():

View File

@ -10,7 +10,11 @@
{% for song in songs %} {% for song in songs %}
<a href="/admin/songs/{{ song.id }}" class="song-link"> <a href="/admin/songs/{{ song.id }}" class="song-link">
<div class="song"> <div class="song">
<p>{{ song.title }}</p> {% if song.title_lang.en %}
<p>{{ song.title_lang.en }} <small>({{ song.title }})</small></p>
{% else %}
<p>{{ song.title }}</p>
{% endif %}
</div> </div>
</a> </a>
{% endfor %} {% endfor %}