
tessl/pypi-flask-wtf

Form rendering, validation, and CSRF protection for Flask with WTForms.


evals/scenario-8/task.md

Secure Form Submission System

Build a Flask application that implements CSRF-protected forms with time-limited tokens to prevent replay attacks.

Requirements

Create a Flask application with CSRF protection that expires tokens after 2 minutes. The application should:

  • Provide a form for users to submit data
  • Protect form submissions with CSRF tokens that expire after 2 minutes
  • Accept submissions with valid, non-expired tokens
  • Reject submissions with expired tokens

Implementation Details

Your application needs the following endpoints:

  1. GET /form: Returns an HTML form with CSRF protection
  2. POST /submit: Processes the form submission with CSRF validation

The form should include:

  • A text input field for a username
  • A proper CSRF token field
  • A submit button

When processing submissions:

  • Valid tokens should return a success response
  • Expired tokens should return an error response

Test Cases

  • Submitting the form immediately after loading should succeed @test
  • Submitting the form with the same token after 3 minutes should fail due to token expiration @test
  • Generating a new token and submitting within 1 minute should succeed @test

Implementation

@generates

API

from flask import Flask

app = Flask(__name__)

@app.route('/form', methods=['GET'])
def form():
    """Return HTML form with CSRF protection."""
    pass

@app.route('/submit', methods=['POST'])
def submit():
    """Process form submission with CSRF validation."""
    pass

Dependencies { .dependencies }

Flask-WTF { .dependency }

Provides CSRF protection with configurable time limits for Flask applications.

@satisfied-by

Install with Tessl CLI

npx tessl i tessl/pypi-flask-wtf
