wdfRddlmZddlmZddlmZddlmZGddeZdS) )unicode_literals)Form)ValidationError)CSRFTokenFieldc^eZdZdZeZdfd ZdZdZe fdZ xZ S) SecureFormzB Form that enables CSRF processing via subclassing hooks. Nc tt|j|||fi||||j_dS)z :param csrf_context: Optional extra data which is passed transparently to your CSRF implementation. N)superr __init__generate_csrf_token csrf_token current_token)selfformdataobjprefix csrf_contextkwargs __class__s Z/var/www/book.euthymeo.com/html/venv/lib/python3.11/site-packages/wtforms/ext/csrf/form.pyr zSecureForm.__init__sL )j$(3II&III(,(@(@(N(N%%%ct)a Implementations must override this to provide a method with which one can get a CSRF token for this form. A CSRF token should be a string which can be generated deterministically so that on the form POST, the generated string is (usually) the same assuming the user is using the site normally. :param csrf_context: A transparent object which can be used as contextual info for generating the token. )NotImplementedError)rrs rrzSecureForm.generate_csrf_tokens"###rcj|j|jkr"t|ddS)z Override this method to provide custom CSRF validation logic. The default CSRF validation logic simply checks if the recently generated token equals the one we received as formdata. zInvalid CSRF TokenN)rdatargettext)rfields rvalidate_csrf_tokenzSecureForm.validate_csrf_token's7  %* , ,!%--0D"E"EFF F - ,rcftt|j}|d|S)Nr)r r rpop)rdrs rrzSecureForm.data1s, *d # # ( lr)NNr N) __name__ __module__ __qualname____doc__rrr rr propertyr __classcell__)rs@rr r s !!JOOOOOO $ $ $GGGXrr N) __future__r wtforms.formrwtforms.validatorsrfieldsrr rrr/s''''''......"""""",,,,,,,,,,r