The CSRF session token is missing.

randiaz · (This post was last modified: Jul-31-2020, 08:46 PM by randiaz.)

Hi everyone!

I have the following error message: The CSRF session token is missing.

I have everything completed in the documentation for an Ajax post request with the following fetch request:

fetch("http://127.0.0.1:5000/user/login", {
method: 'POST',
headers: {
'Accept': 'application/json',
'X-CSRFToken': this.state.csrf,              
},
credentials: "include",
body: JSON.stringify({email: email, password: password}),          
})

I also have debugged this.state.csrf and it does have the string that was generated by another endpoint I created:

app.route("/secret", methods=["GET"])

def secret():

return render_template("csrf.payload")

csrf payload has: {{ csrf_token() }}

I think it may be two problems: maybe my flask app is requiring secure connection; or maybe my flask app is deleting my session data because of size of csrf token? This is after extensive googling.

Ofcourse my __init__.py has

csrf = CSRFProtect()
csrf.init_app(app)

Please help solve this error; I don't know why my session csrf token is missing :(

Possibly Related Threads…
Thread		Author	Replies	Views	Last Post
	passing token to requests	alejandroot	4	6,876	Mar-12-2021, 04:49 PM Last Post: alejandroot
	[Solved] How do I position 'token' in JavaScript in search box?	cheers100	1	3,087	Nov-21-2020, 01:23 PM Last Post: cheers100
	Getting csrf token to log in	spartanvfl	4	33,563	Aug-08-2019, 08:19 PM Last Post: NSearch
	Token and auth-token	hshivaraj	1	4,188	Jul-26-2019, 07:40 AM Last Post: fishhook
	Missing cookies in session with requests	sechot	0	8,099	Oct-22-2017, 12:09 PM Last Post: sechot

The CSRF session token is missing.

User Panel Messages

Announcements