From 73db90908cda43b43cb16e93d4b9b44779af696d Mon Sep 17 00:00:00 2001
From: Marek Marecki <marekjm@ozro.pw>
Date: Sun, 23 Apr 2017 16:18:56 +0200
Subject: [PATCH] Add CSRF tokens when missing in POST or PUT

---
 diaspy/connection.py | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/diaspy/connection.py b/diaspy/connection.py
index e6f1124..98025be 100644
--- a/diaspy/connection.py
+++ b/diaspy/connection.py
@@ -120,6 +120,8 @@ class Connection():
         :type params: dict
         """
         string = '{0}/{1}'.format(self.pod, string)
+        if 'X-CSRF-Token' not in headers:
+            headers['X-CSRF-Token'] = self.get_token()
         request = self._session.post(string, data, headers=headers, params=params, verify=self._verify_SSL, **kwargs)
         return request
 
@@ -127,6 +129,8 @@ class Connection():
         """This method PUTs to session.
         """
         string = '{0}/{1}'.format(self.pod, string)
+        if 'X-CSRF-Token' not in headers:
+            headers['X-CSRF-Token'] = self.get_token()
         if data is not None: request = self._session.put(string, data, headers=headers, params=params, **kwargs)
         else: request = self._session.put(string, headers=headers, params=params, verify=self._verify_SSL, **kwargs)
         return request
-- 
2.25.1