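from flask_wtf.csrf import CSRFProtect

# Single global instance of CSRFProtect; init_csrf() binds it to an application.
csrf = CSRFProtect()


def init_csrf(app):
    """Initialize CSRF protection and session-cookie settings on *app*.

    Args:
        app: The Flask application to configure. Its ``config`` mapping is
            modified in place and the module-level ``csrf`` instance is
            bound to it.

    Note:
        ``SESSION_COOKIE_SECURE`` stays enabled when the application has
        already set it to ``True``; otherwise it is set to ``False``.
        Without the Secure attribute the browser also sends the session
        cookie over unencrypted connections, and Flask-WTF keeps the CSRF
        token in that session. HTTPS deployments should therefore set
        ``SESSION_COOKIE_SECURE = True`` before calling this function.
    """
    # These defaults are meant to keep cookies working in the Docker
    # environment (presumably served over plain HTTP; confirm per deployment).
    app.config['WTF_CSRF_ENABLED'] = True
    app.config['WTF_CSRF_TIME_LIMIT'] = 3600  # token lifetime in seconds (1 hour)

    # Never downgrade a deployment that already opted into Secure cookies.
    # Any value other than the literal True falls back to False, as before.
    secure_already_enabled = app.config.get('SESSION_COOKIE_SECURE') is True
    app.config['SESSION_COOKIE_SECURE'] = secure_already_enabled

    # Keep the session cookie out of reach of page scripts.
    app.config['SESSION_COOKIE_HTTPONLY'] = True
    # 'Lax' is applied unconditionally and replaces any earlier SameSite value.
    app.config['SESSION_COOKIE_SAMESITE'] = 'Lax'

    # Bind the shared CSRFProtect instance to this application.
    csrf.init_app(app)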