class ChromeLoginView(View):
def get(self, request):
return JsonResponse({'status': request.user.is_authenticated()})
@method_decorator(csrf_exempt)
def post(self, request):
username = request.POST['username']
password = request.POST['password']
user = authenticate(username=username, password=password)
if user is not None:
if user.is_active:
login(request, user)
return JsonResponse({'status': True})
return JsonResponse({'status': False})
I am expecting that the post does stopped by csrf, but it return 403 error.
But if remove that decorator and do this in the URLConf
url(r'^chrome_login/', csrf_exempt(ChromeLoginView.as_view()), name='chrome_login'),
it will work.
What happened here? didn't it supposed to work, because I guess that's what method_decorator do.
I'm using python3.4 and django1.7.1
Any advice would be great.
See Question&Answers more detail:
os 与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…