Skip to content

prefect.server.api.csrf_token

create_csrf_token(db=Depends(provide_database_interface), client=Query(..., description='The client to create a CSRF token for')) async

Create or update a CSRF token for a client

Source code in src/prefect/server/api/csrf_token.py
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
@router.get("")
async def create_csrf_token(
    db: PrefectDBInterface = Depends(provide_database_interface),
    client: str = Query(..., description="The client to create a CSRF token for"),
) -> schemas.core.CsrfToken:
    """Create or update a CSRF token for a client"""
    if PREFECT_SERVER_CSRF_PROTECTION_ENABLED.value() is False:
        raise HTTPException(
            status_code=status.HTTP_422_UNPROCESSABLE_ENTITY,
            detail="CSRF protection is disabled.",
        )

    async with db.session_context(begin_transaction=True) as session:
        token = await models.csrf_token.create_or_update_csrf_token(
            session=session, client=client
        )
        await models.csrf_token.delete_expired_tokens(session=session)

    return token