Move each flask module into a Blueprint and have CSRF protection only on the API blueprint

application.py

@@ -6,12 +6,12 @@ from app import app as application
 logging.basicConfig(**application.config['LOGGING_CONFIG'])
 
 
-import endpoints.index
-import endpoints.api
-import endpoints.web
-import endpoints.tags
-import endpoints.registry
-import endpoints.webhooks
+from endpoints.api import api
+from endpoints.index import index
+from endpoints.web import web
+from endpoints.tags import tags
+from endpoints.registry import registry
+from endpoints.webhooks import webhooks
 
 
 logger = logging.getLogger(__name__)
@@ -20,6 +20,13 @@ if application.config.get('INCLUDE_TEST_ENDPOINTS', False):
   logger.debug('Loading test endpoints.')
   import endpoints.test
 
+application.register_blueprint(web)
+application.register_blueprint(index, url_prefix='/v1')
+application.register_blueprint(tags, url_prefix='/v1')
+application.register_blueprint(registry, url_prefix='/v1')
+application.register_blueprint(api, url_prefix='/api')
+application.register_blueprint(webhooks, url_prefix='/webhooks')
+
 # Remove this for prod config
 application.debug = True