How to unset csrf in modelviewset of django
How to unset csrf in modelviewset of django-rest-framework?
I'll use viewsets.ModelViewSet(http://django-rest-framework.org/api-guide/viewsets.html#modelviewset) of django-rest-framework.
And my app is api server. So I don't need to use csrf.
But I don't know how to unset csrf.
Please give me a example!
CSRF is only enforced if you're using SessionAuthentication. If you're using one of the other form of authentication (eg TokenAuthentication) then it won't be required.
You need to wrap dispatch method of ModelViewSet with csrf_exempt:
from django.utils.decorators import method_decorator
from django.views.decorators.csrf import csrf_exempt
class MyModelViewSet(viewsets.ModelViewSet):
@method_decorator(csrf_exempt)
def dispatch(self, *args, **kwargs):
return super(MyModelViewSet, self).dispatch(*args, **kwargs)
or you can achieve the same effect by wrapping the view in urls.py :
url(r'^snippets/$', csrf_exempt(snippet_list), name='snippet-list'),
url(r'^snippets/(?P<pk>[0-9]+)/$', csrf_exempt(snippet_detail), name='snippet-detail'),
还要确保你的urlpatterns中没有包含api-auth。
链接地址: http://www.djcxy.com/p/75368.html