CSRF Options
authjwt_cookie_csrf_protect
- Enable/disable CSRF protection when using cookies. Defaults to
True
authjwt_access_csrf_cookie_key
- Key of the CSRF access cookie. Defaults to
'csrf_access_token'
authjwt_refresh_csrf_cookie_key
- Key of the CSRF refresh cookie. Defaults to
'csrf_refresh_token'
authjwt_access_csrf_cookie_path
- Path for the CSRF access cookie. Defaults to
'/'
authjwt_refresh_csrf_cookie_path
- Path for the CSRF refresh cookie. Defaults to
'/'
authjwt_access_csrf_header_name
- Name of the header that should contain the CSRF double submit value for access tokens. Defaults to
X-CSRF-TOKEN
authjwt_refresh_csrf_header_name
- Name of the header that should contains the CSRF double submit value for refresh tokens. Defaults to
X-CSRF-TOKEN
authjwt_csrf_methods
- The request methods that will use CSRF protection. Defaults to
{'POST','PUT','PATCH','DELETE'}