--- a/{{cookiecutter.project_slug}}/{{cookiecutter.webapp_name}}/__init__.py Sun Jan 14 12:27:43 2018 +0100
+++ b/{{cookiecutter.project_slug}}/{{cookiecutter.webapp_name}}/__init__.py Sun Jan 14 12:28:35 2018 +0100
@@ -20,6 +20,7 @@
from pyams_utils.site import site_factory
from pyramid.authorization import ACLAuthorizationPolicy
from pyramid.config import Configurator
+from pyramid.csrf import CookieCSRFStoragePolicy
from zope.component import getGlobalSiteManager
@@ -39,8 +40,9 @@
credentials=('http',))
config.set_authentication_policy(authn_policy)
config.set_authorization_policy(ACLAuthorizationPolicy())
+ config.set_csrf_storage_policy(CookieCSRFStoragePolicy())
+ config.set_default_csrf_options(require_csrf=True)
config.scan()
return config.make_wsgi_app()
-