move docs section about implementing csrf validation to advanced

doc/advanced.rst

@@ -3,6 +3,21 @@
 Advanced Functionality
 ======================
 
+Enabling CSRF Validation
+------------------------
+
+To add CSRF protection to the forms that are generated by *ModelView* instances, use the
+SecureForm class in your *ModelView* subclass by specifying the *form_base_class* parameter::
+
+    from flask_admin.form import SecureForm
+    from flask_admin.contrib.sqla import ModelView
+
+    class CarAdmin(ModelView):
+        form_base_class = SecureForm
+
+SecureForm requires WTForms 2 or greater. It uses the WTForms SessionCSRF class
+to generate the tokens for you, and validate them when the forms are submitted.
+
 Localization With Flask-Babelex
 -------------------------------
 

doc/introduction.rst

@@ -55,27 +55,6 @@ There are many options available for customizing the display and functionality o
 For more details on that, see :ref:`customising-builtin-views`. For more details on the other
 ORM backends that are available, see :ref:`database-backends`.
 
-Enabling CSRF Validation
-------------------------
-
-To add CSRF protection to the forms that are generated by *ModelView* instances, use the
-`FlaskWTF <https://flask-wtf.readthedocs.org/>`_ form class in your *ModelView*
-subclass by specifying the *form_base_class* parameter::
-
-    from flask_admin.contrib.sqla import ModelView
-    import flask_wtf
-
-    # Flask and Flask-SQLAlchemy initialization here
-
-    app.config['CSRF_ENABLED'] = True
-    flask_wtf.CsrfProtect(app)
-
-    class MicroBlogModelView(ModelView):
-        form_base_class = flask_wtf.Form
-
-The FlaskWTF form class comes with CSRF protection builtin, so it will generate
-the tokens for you, and validate them when the forms are submitted.
-
 Adding Content to the Index Page
 --------------------------------
 The first thing you'll notice when you visit `http://localhost:5000/admin/ <http://localhost:5000/admin/>`_