set APP_SETTINGS= "config.ProductionConfig"
- Lock requirements.text in with:
pip freeze > requirements.txt
- Install requirements.text with:
pip install -r requirements.txt
python-socketio SocketIO General docs flask-jwt-extended SQLAlchemy Flask-DB
Auth is done through JWT token set in an HTTP only cookie. It is paired with a X-CSRF-TOKEN
header that contains the csrf_access_token
. This must be sent to every protected route. The key for creating the JWT is stored in the env var: JWT_SECRET_KEY
.
headers:{
// ...,
'X-CSRF-TOKEN': getCookie('csrf_access_token')
// ...,
}
To facilitate cookie auth you need to setup a local nginx server that serves both the front end code and back end code from the same domain.