| 53 | self.app = _app |
| 54 | |
| 55 | def open(self, *args, **kwargs): |
| 56 | if len(args) > 0 and isinstance(args[0], (EnvironBuilder, dict)): |
| 57 | return super().open(*args, **kwargs) |
| 58 | |
| 59 | data = kwargs.get('data', {}) |
| 60 | |
| 61 | if self.csrf_token is not None and not ( |
| 62 | 'email' in data and |
| 63 | 'password' in data and |
| 64 | 'csrf_token' in data |
| 65 | ): |
| 66 | api_key_headers = Headers({}) |
| 67 | api_key_headers[ |
| 68 | getattr(config, 'WTF_CSRF_HEADERS', ['X-CSRFToken'])[0] |
| 69 | ] = self.csrf_token |
| 70 | headers = kwargs.pop('headers', Headers()) |
| 71 | headers.extend(api_key_headers) |
| 72 | kwargs['headers'] = headers |
| 73 | |
| 74 | return super().open(*args, **kwargs) |
| 75 | |
| 76 | def fetch_csrf(self, res): |
| 77 | # Modern pgAdmin emits the CSRF token to the SPA frontend in two |