src/dazzle_back/runtime/csrf.py

Generated: 2026-03-30T04:38:47.071610+00:00

Commit: 615f1354a103

Language: python

Scope: dazzle_back

Purpose

CSRF protection for Dazzle Backend applications.

Implements the double-submit cookie pattern using a pure ASGI middleware (not BaseHTTPMiddleware, which has body consumption issues): - Sets a dazzle_csrf cookie (httponly=False so JS can read it) - On state-changing requests (POST/PUT/DELETE/PATCH...

Key Exports

• CSRFConfig
• configure_csrf_for_profile
• CSRFMiddleware
• apply_csrf_protection
• send_with_cookie

Dependencies

Imports

• __future__.annotations
• logging
• secrets
• dataclasses.dataclass
• dataclasses.field
• typing.TYPE_CHECKING
• typing.Any

Event Interactions

None detected.

Invariants and Assumptions

No invariants documented.

Tests

• tests/integration/test_runtime_e2e.py
• tests/integration/test_runtime_pipeline.py
• tests/unit/test_runtime_test_routes.py
• tests/unit/test_runtime_services.py
• tests/unit/test_runtime_mcp_tools.py

Notes

This page was automatically generated by tools/gen_reference_docs.py.