encode/django-rest-framework
1
1
Fork 0
mirror of https://github.com/encode/django-rest-framework.git synced 2024-11-30 21:44:04 +03:00
Code Issues Packages Projects Releases Wiki Activity

Fix 403 for POST and PUT from the UI with UserLoggedInAuthentication

Browse Source
This commit is contained in:
Petri Lehtinen 2012-01-09 10:37:03 +02:00
parent e712ab0ba1
commit 0e085364fd
1 changed files with 6 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
djangorestframework/authentication.py
View File

@ -96,11 +96,16 @@ class UserLoggedInAuthentication(BaseAuthentication):
# Temporarily replace request.POST with .DATA, to use our generic parsing.
# If DATA is not dict-like, use an empty dict.
if request.method.upper() == 'POST':
token = request.POST.get('csrfmiddlewaretoken')
if hasattr(self.view.DATA, 'get'):
request._post = self.view.DATA
request._post = self.view.DATA.copy()
else:
request._post = {}
if token is not None:
request._post['csrfmiddlewaretoken'] = token
resp = CsrfViewMiddleware().process_view(request, None, (), {})
# Replace request.POST