csrf exempt supports Flask Blueprint now.

Related issue: #111
wtforms · Jul 3, 2014 · e864456 · e864456
1 parent 9482767
commit e864456
Showing 1 changed file with 7 additions and 0 deletions.
diff --git a/flask_wtf/csrf.py b/flask_wtf/csrf.py
@@ -12,6 +12,7 @@
 import hmac
 import hashlib
 import time
+from flask import Blueprint
 from flask import current_app, session, request, abort
 from ._compat import to_bytes, string_types
 try:
@@ -131,6 +132,7 @@ class CsrfProtect(object):
 
     def __init__(self, app=None):
         self._exempt_views = set()
+        self._exempt_blueprints = set()
 
         if app:
             self.init_app(app)
@@ -165,6 +167,8 @@ def _csrf_protect():
                 dest = '%s.%s' % (view.__module__, view.__name__)
                 if dest in self._exempt_views:
                     return
+                if view.__module__ in self._exempt_blueprints:
+                    return
 
             csrf_token = None
             if request.method in app.config['WTF_CSRF_METHODS']:
@@ -208,6 +212,9 @@ def exempt(self, view):
             def some_view():
                 return
         """
+        if isinstance(view, Blueprint):
+            self._exempt_blueprints.add(view.import_name)
+            return view
         if isinstance(view, string_types):
             view_location = view
         else: