feat: let flask manage invalid methods on routes
This commit is contained in:
parent
54d8ad46f8
commit
3867885b89
|
@ -15,7 +15,7 @@ app = Flask(__name__)
|
|||
app.secret_key = "#^A549639t5@#&$p"
|
||||
db: Database | None = None
|
||||
|
||||
@app.route('/auth')
|
||||
@app.get('/auth')
|
||||
def auth():
|
||||
session["state"] = secrets.token_urlsafe(16)
|
||||
|
||||
|
@ -26,11 +26,8 @@ def auth():
|
|||
"state": session["state"]
|
||||
})
|
||||
|
||||
@app.route('/callback', methods = ["GET"])
|
||||
@app.get('/callback')
|
||||
def callback():
|
||||
if request.method != "GET":
|
||||
return "I curse you!", 403
|
||||
|
||||
if request.args.get("state") != session.pop("state", "fartnugget"):
|
||||
return "I banish thee, to the state of Ohio", 403
|
||||
|
||||
|
|
Loading…
Reference in New Issue
Block a user