I know that there are answers regarding Django Rest Framework, but I couldn't find a solution to my problem. I have an application which has authentication and some functionality. I added a new app to it, which uses Django Rest Framework. I want to use the library only in this app. Also I want to make POST request, and I always receive this response:
I have the following code:
I want add the API without affecting the current application. So my questions is how can I disable CSRF only for this app ? |
|||||||||||||
|
Why this error is happening? This is happening because of the default When you don't define any
Since DRF needs to support both session and non-session based authentication to the same views, it enforces CSRF check for only authenticated users. This means that only authenticated requests require CSRF tokens and anonymous requests may be sent without CSRF tokens. If you're using an AJAX style API with SessionAuthentication, you'll need to include a valid CSRF token for any "unsafe" HTTP method calls, such as What to do then? Now to disable csrf check, you can create a custom authentication class
In your view, then you can define the
This should handle the csrf error. |
|||||||||||||||||
|