Csrf token is missing problem in my flask route - json

I am getting a "CSRF token is missing" error from my Flask route. The error is shown below; please review my code and suggest a solution, as I am new to Flask.
My app.py file:
#app.route('/register', methods=['GET', 'POST'])
#csrf.exempt
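def register():
    """Register a new user from a POSTed form and answer with JSON.

    A POST that passes form validation stores the user and returns a success
    message; a POST that fails validation returns ``form.errors``. Any other
    method falls through and returns ``None``, as the original did (the GET
    response is not shown on this page).

    NOTE(review): the "The CSRF token is missing." entry comes from the form's
    own validation, i.e. the POST carried no token. Assuming RegisterForm is a
    Flask-WTF ``FlaskForm``, exempting the route does not switch that field
    check off; the client should send the token with the request (the
    ``csrf_token`` form field, or the ``X-CSRFToken`` header when CSRFProtect
    is active on the route) rather than the check being disabled.
    """
    if request.method == 'POST':
        form = RegisterForm()
        # Validate once and branch on the result; the original validated the
        # same form a second time in the ``elif``.
        if form.validate_on_submit():
            name = request.form['name']
            email = request.form['email']
            gender = request.form['gender']
            username = request.form['username']
            # ``hash`` is the current name of this call; ``encrypt`` is its
            # deprecated alias (assuming sha256_crypt is passlib's handler).
            password = sha256_crypt.hash(str(request.form['password']))
            user = User(name=name, email=email, gender=gender, username=username, password=password)
            db.session.add(user)
            db.session.commit()
            # The misspelled "succcess" key is kept: clients may already read it.
            response = {"succcess":"User registered successfully and now you can login"}
            return jsonify(response)
        # Validation failed: report the per-field errors to the caller.
        response = {"errors":form.errors}
        return jsonify(response)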
My error in response:
{
"errors": {
"csrf_token": [
"The CSRF token is missing."
]
}
}
How do I solve this issue? I am new to the Flask web framework.
Csrf token missing problem in my flask route i mention my error please review my code and find solution because i am new to flask

Related

Unable to stream data from twitter using Pyspark

I am new to Twitter stream analytics
I was unable to use the tweepy streaming as there was a change in the API version 2.0. So I am currently trying to stream it using a bearer token.
I am facing two issues:
Getting error- The content for this response was already consumed
How to send the JSON response to the Spark stream
I am streaming the JSON response by using stream=True
Any pointers/alternatives would be great!
import requests
import os
import json
# Search parameters; the two field strings are already in key=value form.
query = "fifa"
tweet_fields = "tweet.fields=id,created_at,text"
expansions = "expansions=author_id"
# Placeholder only: supply the real token at run time (environment variable or
# secret store) so that it is never committed with the source.
bearer_token = 'your bearer token'
# NOTE(review): no function shown on this page reads ``headers``;
# bearer_oauth() sets the Authorization header on each request instead.
headers = {"Authorization": "Bearer " + bearer_token}
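def create_url(query, tweet_fields, expansions):
    """Return the recent-search URL for *query* with both parameter strings.

    ``tweet_fields`` and ``expansions`` are appended as given, so each must
    already be a ``key=value`` pair. ``query`` is inserted verbatim and is not
    percent-encoded here.
    """
    # The original template had two placeholders for three arguments, so
    # ``expansions`` was silently left out of the URL.
    return "https://api.twitter.com/2/tweets/search/recent?query={}&{}&{}".format(
        query, tweet_fields, expansions
    )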
def bearer_oauth(r):
    """Add the bearer-token Authorization header and a User-Agent to *r*.

    Passed as the ``auth=`` callable in connect_to_endpoint(); it mutates the
    outgoing request's headers and returns the same request object.
    """
    authorization = "Bearer {}".format(bearer_token)
    r.headers["Authorization"] = authorization
    r.headers["User-Agent"] = "v2SampledStreamPython"
    return r
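def connect_to_endpoint(url):
    """GET *url* as a streamed response and parse each non-empty line as JSON.

    Raises:
        Exception: when the response status is not 200; the message carries
            the status code and the response body.
    """
    # The context manager releases the connection even when an error is raised.
    with requests.request("GET", url, auth=bearer_oauth, stream=True) as response:
        # Check the status BEFORE reading the stream. The original checked it
        # after iter_lines() had drained the body, so building the message with
        # response.text raised "The content for this response was already
        # consumed" and hid the real HTTP error (for example a rejected token).
        if response.status_code != 200:
            raise Exception(
                "Request returned an error: {} {}".format(
                    response.status_code, response.text
                )
            )
        for response_line in response.iter_lines():
            if response_line:
                json_response = json.loads(response_line)
                # Pretty-printed copy of one result; nothing on this page
                # forwards it yet (this is where a consumer would be fed).
                t = json.dumps(json_response, indent=4, sort_keys=True)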
def main():
    """Build the search URL once, then query the endpoint in an endless loop.

    NOTE(review): the loop re-issues the request immediately, with no delay
    between calls and no exit condition.
    """
    url = create_url(query, tweet_fields, expansions)
    # Counts completed calls. Nothing reads it, and despite the original name
    # ("timeout") it does not limit anything.
    completed_calls = 0
    while True:
        connect_to_endpoint(url)
        completed_calls = completed_calls + 1


if __name__ == "__main__":
    main()

How do I decode a DRF response object's content to a Python String?

I have the following route in Django Rest Framework:
from rest_framework.viewsets import ModelViewSet
from rest_framework.renderers import JSONRenderer
from rest_framework.response import Response
class MainViewset(ModelViewSet):
    """Viewset that answers the ``alive`` check with a JSON-rendered string."""

    # NOTE(review): in DRF, empty lists here switch off authentication and
    # permission checks for every action of this viewset, not only ``alive``;
    # confirm that is intended before adding data-bearing actions.
    authentication_classes = []
    permission_classes = []
    # JSONRenderer serialises the payload, so a bare string is sent as JSON
    # text, i.e. wrapped in double quotes (see the assertion error below).
    renderer_classes = [JSONRenderer]

    def alive(self, request):
        """Return the liveness message with HTTP status 200."""
        return Response("API is Alive", status=200)
I have a Django test that calls this API route, expecting the JSON string:
def test_base_route(self):
    """Request /budget/alive and compare the status and the decoded body."""
    client = Client()
    response = client.get('/budget/alive')
    self.assertTrue(response.status_code == 200)
    # The body is JSON text: decoding the bytes yields the string including
    # its JSON double quotes, which is why this comparison fails as shown.
    body_text = response.content.decode("UTF-8")
    self.assertEqual(body_text, "API is Alive")
However, I get the following error:
def test_base_route(self):
c = Client()
response = c.get('/budget/alive')
self.assertTrue(response.status_code == 200)
> self.assertEqual(response.content.decode("UTF-8"), "API is Alive")
E AssertionError: '"API is Alive"' != 'API is Alive'
E - "API is Alive"
E ? - -
E + API is Alive
I find this strange since I decoded the string. I know it's a simple thing to trim off quotation marks, but what is the right way to serialize a single string as a response and get it back in the content of a response in DRF when sending JSON?
You can use .data for this case:
# ``response.data`` is the payload before rendering, so it equals the plain
# string without the quotes that the JSON renderer adds to the body.
self.assertEqual(response.data, "API is Alive")

django button click email send

I am a beginner in Django. I want to send an email when a button is clicked. The button is a delete button: when it is pressed, I want to send an email to receiver@gmail.com.
With the code below, the email is sent when the page loads, and there is also an internal server error. Could you please help me change it so that the email is sent on button click?
views.py
class delete_profile(View):
    """Class-based view whose POST handler sends the confirmation e-mail."""

    # Runs once, when the class body is executed at import time, not per request.
    print("nothing")

    def post(self, request, *args, **kwargs):
        """Send the confirmation e-mail; returns nothing (see note below)."""
        print("nothing")
        # Loaded but not used afterwards.
        template = loader.get_template("frontend/subscription-start.html")
        email_content = "deletion confirmation"
        send_mail(
            subject='No Dowry Marriage - Subscription',
            message=email_content,
            from_email='sender#gmail.com',
            recipient_list=['reciever#gmail.com'],
            fail_silently=False,
            html_message=email_content,
        )
        # NOTE(review): no HttpResponse is returned here. Django requires a
        # view to return one, which matches the internal server error
        # described in the question.
urls.py
# NOTE(review): csrf_exempt turns off Django's CSRF check for this POST
# endpoint, although the AJAX call on this page already sends the token;
# confirm the exemption is really needed for a state-changing route.
path('delete_profile', csrf_exempt(delete_profile.as_view()), name='delete_profile')
user_profile.html
<script>
/**
 * POST to the delete_profile URL, sending the CSRF cookie value as the
 * csrfmiddlewaretoken form field, and show a toast on success.
 */
function delete_profile1() {
    const csrftoken = getCookie('csrftoken');
    console.log("rhgrjhrj");
    // Form payload: the token travels in the request body.
    const payload = { csrfmiddlewaretoken: csrftoken };
    $.ajax({
        type: 'POST',
        url: '{% url "delete_profile" %}',
        data: payload,
        success: function () {
            toastr.info('Preference Updated Successfully');
        }
    });
}
</script>
THANKS IN ADVANCE!!!!
First, import JsonResponse and render in your views.py:
from django.http import JsonResponse
from django.shortcuts import render
Then change your class:
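class delete_profile(View):
    """Render the subscription page on GET; send the confirmation e-mail on POST.

    NOTE(review): nothing visible in this class checks who is making the
    request, and the urls.py shown on this page wraps the view in
    csrf_exempt; confirm the caller is authenticated and that the CSRF check
    is restored before this handles real deletions.
    """

    def get(self, request, *args, **kwargs):
        # handle the get request
        return render(request, 'frontend/subscription-start.html')

    def post(self, request, *args, **kwargs):
        """Send the e-mail and answer the AJAX call with a JSON body."""
        email_content = "deletion confirmation"
        send_mail(
            'No Dowry Marriage - Subscription',
            email_content,
            'sender#gmail.com',
            ['reciever#gmail.com'],
            html_message=email_content,
            fail_silently=False
        )
        # The original returned the undefined name ``some_text``, which raises
        # NameError after the mail has been sent. The key is kept and filled
        # with a value that exists; replace it with the payload the page needs.
        return JsonResponse({'some_text': email_content})
        # or
        # return render(request, 'some_location/some_html_file')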
Maybe change your ajax POST request headers:
// Sends the token in the X-CSRFToken request header, which Django's CSRF
// middleware accepts for AJAX requests by default.
headers: {
'X-CSRFToken': csrftoken
}

How to subscribe to changes on Google Drive using watch

I am quite stuck in trying to subscribe to changes on a google drive folder. My python3 code is as follows:
SCOPES = 'https://www.googleapis.com/auth/drive.readonly'
store = file.Storage('storage.json')
credentials = store.get()
if not credentials or credentials.invalid:
flow = client.flow_from_clientsecrets('client_id.json', SCOPES)
credentials = tools.run_flow(flow, store)
# This starts the authorization process
DRIVE = discovery.build('drive', 'v3', http=credentials.authorize(Http()))
try:
with open('saved_start_page_token.json') as json_data:
d = json.load(json_data)
try:
saved_start_page_token = d["startPageToken"]
except KeyError:
saved_start_page_token = d["newStartPageToken"]
print("Using saved token: %s" % saved_start_page_token)
except FileNotFoundError:
response = DRIVE.changes().getStartPageToken().execute()
with open("saved_start_page_token.json", "w") as token:
json.dump(response, token)
saved_start_page_token = response.get('startPageToken')
print('Start token: %s' % saved_start_page_token)
body = dict()
body["kind"] = "api#channel"
body["id"] = str(uuid.uuid4()) # TODO: do I have to do something with this channel id?
print(body["id"])
body["resourceId"] = 'web_hook'
body["resourceUri"] = 'https://meg-wm-it-change.appspot.com/notifications/'
json_body = json.dumps(body)
print(json_body)
request = DRIVE.changes().watch(pageToken = saved_start_page_token, body=json_body)
response = request.execute()
return response.body
Except this throws the error
googleapiclient.errors.HttpError: <HttpError 400 when requesting https://www.googleapis.com/drive/v3/changes/watch?pageToken=163958&alt=json returned "entity.resource">
Which I can't quite decipher. I'm sure my issue is that I don't understand the documentation (i.e., I don't understand which values go in the params versus the body of this request, and I can't find any code samples), but any help would be appreciated!
I am going to post the answer I found to my own question in the event that anyone else wanders here:
# If modifying these scopes, delete the file token.pickle.
# NOTE(review): this scope grants full access to the user's Drive, whereas the
# question's code requested only drive.readonly; confirm the broader scope is
# needed and otherwise keep the narrowest one that works.
SCOPES = ['https://www.googleapis.com/auth/drive']
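def auth():
    """Return Google API credentials, reusing the cached token when possible.

    Loads credentials from ``token.pickle`` if the file exists. When they are
    missing or not valid, they are refreshed (expired, with a refresh token)
    or obtained through the local-server authorization flow, and the result
    is written back to ``token.pickle``.
    """
    creds = None
    # The file token.pickle stores the user's access and refresh tokens, and is
    # created automatically when the authorization flow completes for the first
    # time.
    if os.path.exists('token.pickle'):
        with open('token.pickle', 'rb') as token:
            # NOTE(review): unpickling runs whatever the file encodes, so this
            # is only safe while token.pickle can be written by this user
            # alone; a non-executable format would remove that risk.
            creds = pickle.load(token)
    # If there are no (valid) credentials available, let the user log in.
    if not creds or not creds.valid:
        if creds and creds.expired and creds.refresh_token:
            creds.refresh(Request())
        else:
            flow = InstalledAppFlow.from_client_secrets_file(
                'credentials.json', SCOPES)
            creds = flow.run_local_server()
        # Save the credentials for the next run. The file holds a refresh
        # token, so it is created readable and writable by the owner only
        # (the mode applies when the file is created; an existing file keeps
        # its current permissions).
        flags = os.O_WRONLY | os.O_CREAT | os.O_TRUNC | getattr(os, 'O_BINARY', 0)
        fd = os.open('token.pickle', flags, 0o600)
        with os.fdopen(fd, 'wb') as token:
            pickle.dump(creds, token)
    return creds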
def subscribe_changes(service):
    """Open a Drive ``changes().watch`` channel and return its channel id.

    The channel is a web hook pointing at COOL_REGISTERED_DOMAIN; the parsed
    expiration and the raw API response are printed.

    NOTE(review): the channel body sets no ``token``. Drive can echo an
    optional channel token with each notification, which lets the receiving
    endpoint reject requests that do not belong to this subscription.
    """
    channel_id = str(uuid.uuid4())
    watch_request = service.changes().watch(
        body={
            "id": channel_id,
            "type": "web_hook",
            "address": COOL_REGISTERED_DOMAIN,
        },
        pageToken=get_page_token(service),
    )
    response = watch_request.execute()
    expiration = response['expiration']
    print(dateparser.parse(expiration))
    print(response)
    return channel_id
def main():
    """Authorise, build the Drive v3 client and open the watch channel."""
    service = build('drive', 'v3', credentials=auth())
    subscribe_changes(service)

Get the token and send it as value for Authorization header for the rest of the steps

After I get a token from a Post request as shown below:
{ "access_token": "12345", "expires_in": 3600, "token_type": "Bearer" }
I want to use this token in different TestSteps Headers values.
For example, after receiving this token I have to make a GET request whose header is Authorization: Bearer + token_value.
So can I write a GroovyScript or something to make this automatically? I'm using ReadyApi.
Regards,
Adrian
Add Script Assertion for the same step where you receive the mentioned response:
This Script Assertion fetches the values from the response, creates a project property, and sets it to the retrieved value.
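// Fail the step when there is no response body to parse
assert context.response, "Response is null or empty"
def json = new groovy.json.JsonSlurper().parseText(context.response)
// Header value in the form "<token_type> <access_token>"
def token = "${json.token_type} ${json.access_token}" as String
// Record that a token was obtained without writing the credential itself to
// the log (the original logged the full bearer token)
log.info "Token received and stored in project property TOKEN"
// Assign the value to the project-level property TOKEN
// NOTE(review): project properties may be written to the project file when it
// is saved; confirm the token is not persisted or shared that way
context.testCase.testSuite.project.setPropertyValue('TOKEN', token)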
Now the value needs to be set as header to each outgoing request dynamically. i.e., Add Authorization header and its value for the SOAP or REST request type steps. For this, Events feature is going to be used.
Add a SubmitListener.beforeSubmit event and add the below script into it. Please follow the comments inline.
import com.eviware.soapui.impl.wsdl.teststeps.WsdlTestRequestStep
import com.eviware.soapui.impl.wsdl.teststeps.RestTestRequestStep
// Name of the header to set; edit as needed
def headerName = 'Authorization'

/**
 * Merge the given headers into the request of the current test step.
 * Steps that are neither REST nor SOAP request steps are left untouched and
 * only logged.
 */
def setHttpHeaders(def headers) {
    def step = context.getProperty("wsdlRequest").testStep
    def isRequestStep = step instanceof RestTestRequestStep || step instanceof WsdlTestRequestStep
    if (!isRequestStep) {
        log.info 'not adding headers to the current step as it is not request type step'
        return
    }
    def currentRequest = step.httpRequest
    // Start from the headers already on the request so they are preserved
    def mergedHeaders = currentRequest.requestHeaders
    headers.each { name, values ->
        mergedHeaders[name] = values
    }
    currentRequest.requestHeaders = mergedHeaders
}

// Token previously saved in the project-level TOKEN property
def token = context.expand('${#Project#TOKEN}')
// Stop here when no token has been stored yet
assert token, "Token is null or empty"
// Add the header to the outgoing request; the header value is a one-element list
if (token) {
    setHttpHeaders([(headerName): [(token)]])
}
import groovy.json.JsonSlurper
import groovy.json.*
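// Run the test step named "Token", then read its response body
// (the original called runStepByname, which is not the runner's method name)
def tokens = testRunner.runTestStepByName("Token")
def response = context.expand('${Token#Response}')
// The original declarations were fused ("JsonSlurperjsonSlurper",
// "newJsonSlurper()", "Objectresult"), so jsonSlurper and result were never
// defined under the names used on the following lines
def jsonSlurper = new JsonSlurper()
def result = jsonSlurper.parseText(response)
def access_token = result.access_token
// Stored as a ready-to-use Authorization header value
def authorization = "Bearer " + access_token
testRunner.testCase.setPropertyValue("access_token", authorization)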