Erik Taubeneck
Erik Taubeneck
> Assuming you trust the Coordinator to perform TEE attestation correctly, anyone can tie the logic running in the TEE to a specific version of open source code. My point...
[`remove_all_connections`](https://github.com/mattupstate/flask-social/blob/develop/flask_social/views.py#L64) and [`remove_connection`](https://github.com/mattupstate/flask-social/blob/develop/flask_social/views.py#L88) would both delete data in your datastore if attacked. Moreover, if you want to use the `CsrfProtect` function that Flask-WTF provides, it breaks all of the social...
With the Facebook API, you receive an error on any request you make. Repeating the login flow should update it, however the way Flask-Social is written, we don't override the...
Yep. Typo, my bad. Thanks! (and fixed)
@sayerhs I haven't been using flask-social at work anymore, so I haven't been able to give it nearly as much attention as I used to. Hopefully I'll get a chance...
Hey @jquacinella, sorry for the delay. I haven't been using Flask-Social at my new job, so I haven't been able to dedicate the same amount of time to the project....
I think the 2 largest priorities would be switching over to [Flask-Oauthlib](https://github.com/lepture/flask-oauthlib) and getting CSRF working properly.
Ahh yes, you are correct WRT Flask-Oauthlib. It's been a little while since using the package. For CSRF, the issue is that if you wish to use the `CsrfProtect` function...
All we did was manually insert a `csrf_token()` into the form when we posted the signup, i.e.: ```
See the [discussion here](https://github.com/mattupstate/flask-social/issues/24) for more detail, but essentially the issue is not making Flask-Social compatible with CSRF, but to utilize it and protect someone from getting an account deleted...