79242375

Date: 2024-12-01 19:58:55
Score: 2.5
Natty:
Report link

In addition to the above - you don't show how you are getting the token and ensuring that is passed as part of the request. As the Flask-Security documentation suggests - if this is a normal browser-based application - it is simpler and more secure to use session based authentication (using the session cookie) and using @auth_required()

Reasons:
  • No code block (0.5):
  • User mentioned (1): @auth_required
  • Single line (0.5):
  • Low reputation (0.5):
Posted by: jwag