Django/Django Rest Framework - Disable CSRF

Question

Im looking for a simple way to disable all the CSRF validation to can test my API in Postman.

Till now I have tried add @decorator csrf_exempt without success. I also tried create a disable.py file inside the app, but didn't work also.

Also I want desactivate for all requests, so some way to dont have to add the decorator everywhere. This a project that I just got, is already in Production, but I want to start to write Tests first in Postman, later TestCases.

All my views are using a "api_generics.CRUDGeneric",

the declaration of that class is:

class CRUDGeneric(mixins.CreateModelMixin, mixins.ListModelMixin, mixins.RetrieveModelMixin,
                  mixins.DestroyModelMixin, mixins.UpdateModelMixin, viewsets.GenericViewSet):

thanks is advice

I've try it, but it doesnt solve my problem, I got other errors — 62009030, Feb 14 '17 at 15:22

score 4 · Accepted Answer · answered Feb 14 '17 at 17:44

@62009030 you should be able to do what @smarber mentioned.. This could also work.. It is a traversed way to add csrf_exempt

from django.conf.urls import patterns, url
from django.views.decorators.csrf import csrf_exempt

import views

urlpatterns = patterns('',
    url('^asimpleurl/$', csrf_exempt(views.CRUDGeneric.as_view())),
    ...
)

This could be a work around for your problem..

Django/Django Rest Framework - Disable CSRF

1 Answers1