From a1b41e831763fb473366acf2018c127b230bbb18 Mon Sep 17 00:00:00 2001 From: dev1lfreak Date: Fri, 29 May 2026 14:34:02 +0300 Subject: [PATCH] feat: add 500 csrf exception --- src/application/domain/exceptions/__init__.py | 1 + src/application/domain/exceptions/csrf_error_exception.py | 8 ++++++++ src/presentation/decorators/csrf.py | 4 ++-- 3 files changed, 11 insertions(+), 2 deletions(-) create mode 100644 src/application/domain/exceptions/csrf_error_exception.py diff --git a/src/application/domain/exceptions/__init__.py b/src/application/domain/exceptions/__init__.py index e882cff..d5bb22b 100644 --- a/src/application/domain/exceptions/__init__.py +++ b/src/application/domain/exceptions/__init__.py @@ -7,3 +7,4 @@ from src.application.domain.exceptions.conflict_exception import ConflictExcepti from src.application.domain.exceptions.internal_exception import InternalException from src.application.domain.exceptions.service_unavailable_exception import ServiceUnavailableException from src.application.domain.exceptions.too_many_requests_exception import TooManyRequestsException +from src.application.domain.exceptions.csrf_error_exception import CsrfErrorException diff --git a/src/application/domain/exceptions/csrf_error_exception.py b/src/application/domain/exceptions/csrf_error_exception.py new file mode 100644 index 0000000..cc065b6 --- /dev/null +++ b/src/application/domain/exceptions/csrf_error_exception.py @@ -0,0 +1,8 @@ +from src.application.domain.exceptions.application_exceptions import ApplicationException + +from typing import Mapping + + +class CsrfErrorException(ApplicationException): + def __init__(self, message: str = 'CSRF context is invalid', headers: Mapping[str, str] | None = None): + super().__init__(500, message, headers) diff --git a/src/presentation/decorators/csrf.py b/src/presentation/decorators/csrf.py index bc08e31..540bc79 100644 --- a/src/presentation/decorators/csrf.py +++ b/src/presentation/decorators/csrf.py @@ -3,7 +3,7 @@ import inspect from functools import wraps from typing import Callable, Awaitable, Any, Optional, Annotated from fastapi import Request, Header -from src.application.domain.exceptions import InternalException +from src.application.domain.exceptions import CsrfErrorException from src.infrastructure.security import CsrfService @@ -39,7 +39,7 @@ def csrf_protect( break if request is None: - raise InternalException(message='Request is required for CSRF protection') + raise CsrfErrorException(message='Request is required for CSRF protection') csrf = CsrfService()