django-ajax
django-ajax copied to clipboard
joestump
@csrf_exempt
I'm trying to test my Ajax methods by issuing requests from my browser as I write them, and notice using the decorator @csrf_except around my endpoint function doesn't work, because the function in endpoints.py isn't the real view function, so the decorator has no effect. Any idea how to get around this?
I was planning on building Django's CSRF tokens into the entire system so that we can use those tokens automatically within the framework. I haven't gotten around to it yet though.
You can, however, check for the CSRF stuff by overriding ModelEndpoint.authenticate() and checking the request that's passed to that for CSRF stuff.