CSRF session token missing in a nginx + gunicorn + flask architecture

my website developed in flask works fine on gunicorn, it is using flask_wtf for setting up CSRF. Login and other html pages are using CSRF.

As i run it behind nginx reverse proxy i got a "The CSRF session token is missing." error.

As everything works fine on gunicorn i suppose problem is in my current nginx configuration.

follows the nginx.conf I m using:

'''

user ec2-user;
worker_processes auto;
error_log /var/log/nginx/error.log debug;
pid /run/nginx.pid;

# Load dynamic modules. See /usr/share/nginx/README.dynamic.
include /usr/share/nginx/modules/*.conf;

events {
    worker_connections 1024;
}

http {
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;
    error_log /var/log/nginx/error.log;
    

    sendfile            on;
    tcp_nopush          on;
    tcp_nodelay         on;
    keepalive_timeout   120;
    types_hash_max_size 2048;

    include             /etc/nginx/mime.types;
    default_type        application/octet-stream;

    include /etc/nginx/conf.d/*.conf;



    ##
    # SSL Settings
    ##
    
    ssl_session_timeout 10m;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
    ssl_prefer_server_ciphers on;

##
    # Gzip Settings
    ##

    gzip on;

    gzip_proxied any;
    gzip_min_length 500;
    gzip_disable "MSIE [1-6]\."
    gzip_http_version 1.1;
    gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;

    ##
    # Virtual Host Configs
    ##
    
    upstream app_servers {
        server  127.0.0.1:8000;
    }   


    server {
        listen 80;
        return 301 https://$host$request_uri;   
    
    }

    server {
        listen 443 ssl;
        
        ssl_certificate /home/cert/cert.pem;
        ssl_certificate_key /home/cert/privkey.pem;
        keepalive_timeout 120;
        
        location / {
            proxy_set_header Host $http_host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto $scheme;
            proxy_connect_timeout   3;
            proxy_send_timeout      3;
            proxy_read_timeout      3;
            proxy_ignore_headers Set-Cookie;
            proxy_hide_header    Set-Cookie;
            proxy_cache                     off;
            proxy_pass http://app_servers;
            # Headers for client browser NOCACHE + CORS origin filter 
            proxy_cache                     off;
            proxy_pass http://app_servers;
            # set all cookies to secure, httponly and samesite by modifying "path"
                proxy_cookie_path / "/; secure; HttpOnly; SameSite=lax";
            expires -1;
            
        }
        
        location ^~ /static/ {
            root /home/ec2-user/blabla/application/;
        }

    }
'''

any help, hint, suggestion how to investigate further the problem, how to trace the request will be more than welcome.

adding

proxy_set_header Cookie $http_cookie;

as per below '''

location / {
            proxy_set_header Host $http_host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto $scheme;
            proxy_set_header Cookie $http_cookie;

'''

fixed all.