pallets-eco · lepture · Feb 15, 2014 · Feb 2, 2014
diff --git a/flask_wtf/__init__.py b/flask_wtf/__init__.py
@@ -16,4 +16,4 @@
 from .csrf import CsrfProtect
 from .recaptcha import *
 
-__version__ = '0.9.4'
+__version__ = '0.9.5'
diff --git a/flask_wtf/csrf.py b/flask_wtf/csrf.py
@@ -130,9 +130,13 @@ def __init__(self, app=None):
             self.init_app(app)
 
     def init_app(self, app):
-        app.jinja_env.globals['csrf_token'] = generate_csrf
         app.config.setdefault('WTF_CSRF_SSL_STRICT', True)
         app.config.setdefault('WTF_CSRF_ENABLED', True)
+
+        # expose csrf_token as a helper in all templates
+        @app.context_processor
+        def csrf_token():
+            return dict(csrf_token=generate_csrf)
 
         @app.before_request
         def _csrf_protect():

diff --git a/tests/templates/csrf.html b/tests/templates/csrf.html
@@ -0,0 +1,8 @@
+
+<!DOCTYPE html>
+
+<html>
+    <body>
+        token: {{ csrf_token() }}
+    </body>
+</html>
diff --git a/tests/test_csrf.py b/tests/test_csrf.py
@@ -184,3 +184,11 @@ def test_validate_csrf(self):
             assert not validate_csrf('ff##dd')
             csrf_token = generate_csrf()
             assert validate_csrf(csrf_token)
+
+    def test_csrf_token_helper(self):
+        @self.app.route("/token")
+        def withtoken():
+            return render_template("csrf.html")
+
+        response = self.client.get('/token')
+        assert re.compile('token: [a-zA-Z0-9#.]{3,}').search(response.data)