Permalink
Browse files

Added constant_csrf_token option.

  • Loading branch information...
shazow committed Sep 8, 2012
1 parent 1eba52a commit 99eb4b8f11a30d845054ff4d5e8f800a39a717f0
Showing with 3 additions and 1 deletion.
  1. +3 −1 pyramid_beaker/__init__.py
@@ -19,6 +19,7 @@ def BeakerSessionFactoryConfig(**options):
class PyramidBeakerSessionObject(SessionObject):
_options = options
_cookie_on_exception = _options.pop('cookie_on_exception', True)
+ _constant_csrf_token = _options.pop('constant_csrf_token', False)
def __init__(self, request):
SessionObject.__init__(self, request.environ, **self._options)
@@ -82,7 +83,8 @@ def peek_flash(self, queue=''):
# CSRF API methods
def new_csrf_token(self):
- token = hexlify(os.urandom(20)).decode('ascii')
+ token = (self._constant_csrf_token
+ or hexlify(os.urandom(20)).decode('ascii'))
self['_csrft_'] = token
return token

0 comments on commit 99eb4b8

Please sign in to comment.