CSRF token missing error

I realize this may not be Flask specific problem. But I was hoping for some tips anyway. The status of my current project, is that it works OK on development, but behaves different on production.


The only difference I can note, is that the moment I test my password reset link on production, I will never ever be able to login AGAIN, no matter what I try/refresh/URLed. I did not test the password reset link on development, as I had trouble doing so with a localhost mail server. So this makes it difficult to pinpoint the source of error.

(NOTE: sending the password reset email itself works. there admin_required and login_required decorators elsewhere, but not complete, will removing ALL endpoint protection make it easier to debug?)


As you can tell, Im quite (relatively) noob in this. Any tips is extremely appreciated.


Attached is the pic, as well as much of the code. (The code is an amalgamation from different sources, simplified)

# ===== from: https://nrodrig1.medium.com/flask-mail-reset-password-with-token-8088119e015b
@app.route('/send-reset-email')
def sendresetemail():
s=Serializer(app.config'SECRET_KEY')
token = s.dumps({'someid': currentuser.mcfId})


/r/flask
https://redd.it/1lpljag

async_rithmic: a fully async Rithmic gateway for algorithmic trading

# What My Project Does

`async_rithmic` is an open-source Python SDK that brings fully asynchronous access to the [Rithmic API](https://www.rithmic.com/) (a popular low-latency gateway for futures market data and trading).

With `async_rithmic`, you can:

* Place, modify, and cancel orders in a modern, non-blocking way.
* Easily subscribe to market data and build real-time event-driven trading systems.
* Retrieve historical market data

# Links

* [GitHub Project link](https://github.com/rundef/async_rithmic)
* [Documentation link](https://async-rithmic.readthedocs.io/en/latest/)

# Why I Built It

The only other Python wrapper I'm aware of is outdated, unmaintained and has a flawed architecture. I needed something:

* Fully async (for use with asyncio and fast, concurrent pipelines)
* Open source, with a clean, idiomatic API
* Easy to use in an event-driven trading system

After building several bots and backtesting platforms, I decided to open-source my own implementation to help others save time and avoid re-inventing the wheel.

# Target audience

* Python developers working with low-latency, event-driven trading or market data pipelines
* Quantitative researchers and algo traders who want fast access to Rithmic feeds for futures trading
* Anyone building their own backtesting or trading framework with a focus on modern async patterns

/r/Python
https://redd.it/1lpvht5

This simple CPU benchmark tool is my first Python project.

Hey all, I just joined this community and decided to share my first actual project! It is a benchmark tool that creates a CPU score, also dependant upon read/write speeds of the RAM, by calculating prime numbers. Link to the Github repository: https://github.com/epicracer7490/PyMark/blob/main/README.md

It's just a fun hobby project, made in a few hours. Feel free to share your results!

It can be unaccurate because, unlike Geekbench etc. it runs single-core and is dependant on Pythons CPU usage priority. Here's my result: Intel i7-12650H, CPU SCORE = 4514.82 (Length: 7, Count: 415991)

/r/Python
https://redd.it/1lpvh4u

Django tip Custom Management Commands

/r/django
https://redd.it/1lpug8i

Best Resources to Learn Django in 2025?

Hey everyone,

I'm looking to get into Django and would really appreciate some guidance on the best resources out there in 2025. I'm comfortable with Python and have done some basic web dev (HTML/CSS/JS), but I'm new to backend frameworks like Django.

What I'm hoping to find:

A beginner-friendly roadmap or course
Up-to-date tutorials (text or video)
Good books or documentation
Projects or exercises to practice

I’ve seen a few tutorials floating around, but I want to make sure I'm learning from sources that are relevant and align with Django’s latest version.

Any tips, recommendations, or personal favorites would be hugely appreciated!

Thanks in advance 🙏

/r/django
https://redd.it/1lpy3kr

Flask Security Best Practices for Software Engineers

Hi all,

I'm Ahmad, founder of Corgea. We've built a scanner that can find vulnerabilities in Flask applications, so we decided to write a guide for software engineers on Flask security best practices:

https://corgea.com/Learn/flask-security-best-practices-2025

In this article, we’ve covered:

Common Flask security misconfigurations we keep seeing in the wild
How to safely manage your secret keys, sessions, and cookies
Input validation and preventing common attacks like XSS and SQL Injection
Best practices for authentication and password storage
Deployment hardening tips (headers, HTTPS, etc.)
Real code examples for each practice

We’ve written this with both new Flask developers and experienced engineers in mind.

Would love feedback from the community → What’s a Flask security mistake you’ve seen (or made 😅) that others should know about?


Anything else you’d like us to add in future updates?


PS: We love Flask and have used it for some of our services ❤️

/r/flask
https://redd.it/1lpylrt

The logging module is from 2002. Here's how to use it in 2025

The logging module is powerful, but I noticed a lot of older tutorials teach outdated patterns you shouldn't use. So I put together an article that focuses on understanding the modern picture of Python logging.

It covers structured JSON output, centralizing logging configuration, using contextvars to automatically enrich your logs with request-specific data, and other useful patterns for modern observability needs.

If there's anything I missed or could improve, please let me know!

/r/Python
https://redd.it/1lq2zq0

Thursday Daily Thread: Python Careers, Courses, and Furthering Education!

# Weekly Thread: Professional Use, Jobs, and Education 🏢

Welcome to this week's discussion on Python in the professional world! This is your spot to talk about job hunting, career growth, and educational resources in Python. Please note, this thread is not for recruitment.

---

## How it Works:

1. Career Talk: Discuss using Python in your job, or the job market for Python roles.
2. Education Q&A: Ask or answer questions about Python courses, certifications, and educational resources.
3. Workplace Chat: Share your experiences, challenges, or success stories about using Python professionally.

---

## Guidelines:

- This thread is not for recruitment. For job postings, please see r/PythonJobs or the recruitment thread in the sidebar.
- Keep discussions relevant to Python in the professional and educational context.

---

## Example Topics:

1. Career Paths: What kinds of roles are out there for Python developers?
2. Certifications: Are Python certifications worth it?
3. Course Recommendations: Any good advanced Python courses to recommend?
4. Workplace Tools: What Python libraries are indispensable in your professional work?
5. Interview Tips: What types of Python questions are commonly asked in interviews?

---

Let's help each other grow in our careers and education. Happy discussing! 🌟

/r/Python
https://redd.it/1lqbbv9

Django's new Ecosystem page is live - featuring community-approved packages
https://www.djangoproject.com/community/ecosystem/

/r/django
https://redd.it/1lqc3w0

Help with cloudinary integration

https://github.com/ReevuChatterjee/CloudinaryTrial.git
so here is my repo
why cant i save my image files to cloudinary. it gets saved in the root directory again and again help me fix it

/r/djangolearning
https://redd.it/1lq86gu

The one FastAPI boilerplate to rule them all

Hey, guys, for anyone who might benefit (or would like to contribute - good starting point for newbies)

For about 2 years I've been developing this boilerplate (with a lot of help from the community - 20 contributors) and it's pretty mature now (used in prod by many). Latest news was the addition of CRUDAdmin as an admin panel, plus a brand new documentation to help people use it and understand design decisions.

* Github: [https://github.com/benavlabs/FastAPI-boilerplate](https://github.com/benavlabs/FastAPI-boilerplate)
* Docs: [https://benavlabs.github.io/FastAPI-boilerplate/](https://benavlabs.github.io/FastAPI-boilerplate/)


Main features:

* Pydantic V2 and SQLAlchemy 2.0 (fully async)
* User authentication with JWT (and cookie based refresh token)
* ARQ integration for task queue (way simpler than celery, but really powerful)
* Builtin cache and rate-limiting with redis
* Several deployment specific features (docs behind authentication and hidden based on the environment)
* NGINX for Reverse Proxy and Load Balancing
* Easy and powerful db interaction (FastCRUD)



Would love to hear your opinions and what could be improved. We used to have tens of issues, now it's down to just a few (phew), but I'd love to see new ones coming.

*Note: this boilerplate works really well for microservices or small applications, but for bigger ones I'd use a DDD monolith. It's a great starting point though.*

/r/Python
https://redd.it/1lq5ccm

A Python-Powered Desktop App Framework Using HTML, CSS & Python (Alpha)

Repo Link: [https://github.com/itzmetanjim/py-positron](https://github.com/itzmetanjim/py-positron)

# What my project does

PyPositron is a lightweight UI framework that lets you build native desktop apps using the web stack you already know—HTML, CSS & JS—powered by Python. Under the hood it leverages `pywebview`, but gives you full access to the DOM and browser APIs from Python. **Currently in Alpha stage**

# Target Audience

* Anyone making a desktop app with Python.
* Developers who know HTML/CSS and Python and want to make desktop apps.
* People who know Python well and want to make a desktop app, and wants to focus more on the backend logic than the UI
* People who want a simple UI framework that is easy to learn.
* Anyone tired of Tkinter’s ancient look or Qt's verbosity

# 🤔 Why Choose PyPositron?

* **Familiar tools:** No new “proprietary UI language”—just standard HTML/CSS (which is powerful, someone made Minecraft using only CSS ).
* **Use any web framework:** All frontend web frameworks (Bootstrap,Tailwind,Materialize,Bulma CSS, and even ones that use JS) are available.
* **AI-friendly:** Simply ask your favorite AI to “generate a login form in HTML/CSS/JS” and plug it right in.
* **Lightweight:** Spins up on your system’s existing browser engine—no huge runtimes bundled with every app.

# Comparision

|Feature|PyPositron|Electron.js|PyQt|
|:-|:-|:-|:-|
|Language|Python|JavaScript, C/C++ or backend JS

/r/Python
https://redd.it/1lqi4xa

Am I on the right path? Learning React + Flask for Full Stack + AI Career Goals

Hey everyone!

I'm currently learning React for front-end development and planning to start learning Flask for the backend. My goal is to become a full-stack developer with a strong focus on AI technologies, especially areas like Generative AI and Agentic AI.

I'm also interested in Python, which is why Flask seems like a good fit, and I’ve heard it's lightweight and beginner-friendly. Eventually, I want to transition into AI development, so I feel like learning full-stack with Python will give me a solid foundation.

Am I on the right path? Or would you recommend learning something else (like FastAPI, Django, or maybe diving directly into AI tools and frameworks)?

Any advice or guidance is appreciated — especially from folks who've gone down this road. 🙏

Thanks in advance!

/r/flask
https://redd.it/1lpvxx5

Is Django REST Framework worth it over standard Django for modern apps?

**Hey everyone! 👋**

I’ve been working with Django for building traditional websites (HTML templates, forms, etc.), but now I’m exploring building more modern apps — possibly with React or even a mobile frontend.

I’m considering whether to stick with **standard Django views or adopt Django REST Framework** (DRF) for building APIs. I get that DRF is great for JSON responses and API endpoints, but it feels like a bit more overhead at first.

For those who’ve worked with both —

* Is the learning curve of DRF worth it?
* Do you use DRF for all projects or only when building separate frontends/mobile apps?
* Are there performance or scaling benefits/drawbacks?

Would love to hear your experiences. Thanks in advance!

/r/django
https://redd.it/1lqfzsw

I made an app to dynamically select columns in django admin changelist

Selecting columns for tables with a large number of fields is a crucial feature. However, Django's admin only supports column selection by editing `list_display`, making it impossible to personalize the view per user.

This app solves that limitation by allowing users to dynamically select which columns to display in the Django admin changelist. The selected columns are stored in the database on a per-user basis.

The only existing solution I found was Django-Admin-Column-Toggle, which filters columns client-side after loading all data. This approach introduces unnecessary overhead and causes a slight delay as it relies on JavaScript execution.

In contrast, `django-admin-select-columns` filters columns on the server-side, reducing payload size, improving performance, and making the admin interface responsive and efficient even for large datasets.

🔗 GitHub Repository: sandbox-pokhara/django-admin-select-columns

💡 Future Ideas:
\- Column ordering
\- Default selected columns

UI to select columns

/r/django
https://redd.it/1lqihox

Django devs: Your app is probably slow because of these 5 mistakes (with fixes)

Just helped a client reduce their Django API response times from 3.2 seconds to 320ms. After optimizing dozens of Django apps, I keep seeing the same performance killers over and over.

**The 5 biggest Django performance mistakes:**

1. **N+1 queries** \- Your templates are hitting the database for every item in a loop
2. **Missing database indexes** \- Queries are fast with 1K records, crawl at 100K
3. **Over-fetching data** \- Loading entire objects when you only need 2 fields
4. **No caching strategy** \- Recalculating expensive operations on every request
5. **Suboptimal settings** \- Using SQLite in production, DEBUG=True, no connection pooling

**Example that kills most Django apps:**

# This innocent code generates 201 database queries for 100 articles
def get_articles(request):
articles = Article.objects.all()
# 1 query
return render(request, 'articles.html', {'articles': articles})

html
<!-- In template - this hits the DB for EVERY article -->
{% for article in articles %}
<h2>{{ article.title }}</h2>
<p>By {{ article.author.name }}</p>

/r/Python
https://redd.it/1lqly55

TurtleSC - Shortcuts for quickly coding turtle.py art

The TurtleSC package for providing shortcut functions for turtle.py to help in quick experiments. https://github.com/asweigart/turtlesc

Full blog post and reference: https://inventwithpython.com/blog/turtlesc-package.html

pip install turtlesc

What My Project Does

Provides a shortcut language instead of typing out full turtle code. For example, this turtle.py code:

from turtle import
from random import

colors = 'red', 'orange', 'yellow', 'blue', 'green', 'purple'

speed('fastest')
pensize(3)
bgcolor('black')
for i in range(300):
pencolor(choice(colors))
forward(i)
left(91)
hideturtle()
done()

Can be written as:

from turtlesc import
from random import

colors = 'red', 'orange', 'yellow', 'blue', 'green', 'purple'

sc('spd fastest, ps 3, bc black')
for i in range(300):
sc(f'pc {choice(colors)}, f {i}, l 91')
sc('hide,done')

You can also convert from the shortcut langauge to regular turtle.py function calls:

>>> from turtlesc import

/r/Python
https://redd.it/1lqv6nw

django celery running task is seperated server

Hello guys so i have django project and i a worker project hosted in diffrent server both are connected to same redis ip
i want to trigger celery task and run it in the seperated servere note functions are not inn django i can not import them

/r/django
https://redd.it/1lqrbeg

Flask Alembic - Custom script.py.mako

Im creating a Data Warehouse table models in alembic, but i have to add these lines to every inital migration file:

op.execute("CREATE SEQUENCE IF NOT EXISTS {table_name}_id_seq OWNED BY {table_name}.id")



with op.batch_alter_table('{table_name}', schema=None) as batch_op:

batch_op.alter_column('created_at',

existing_type=sa.DateTime(),

server_default=sa.text('CURRENT_TIMESTAMP'),

existing_nullable=True)

batch_op.alter_column('updated_at',

existing_type=sa.DateTime(),

server_default=sa.text('CURRENT_TIMESTAMP'),

existing_nullable=True)

batch_op.alter_column('id',

existing_type=sa.Integer(),

server_default=sa.text("nextval('{table_name}_id_seq')"),

nullable=False)

why ?

The data warehouse is being fed by users with different degrees of knowledge and theses columns for me are essential as i use them for pagination processes later on.

i was able to change the .mako file to add those, but i cant change {table_name} to the actual table name being created at the time, and it's a pain to do that by hand every time.

is there a way for me to capture the value on the env.py and replace {table_name} with the actual table name ?

/r/flask
https://redd.it/1lozksp

One simple way to run tests with random input in Pytest.

There are many ways to do it. Here's a simple one. I keep it short.

Test With Random Input in Python

/r/Python
https://redd.it/1lqy5fn