Exempted v2 API views from CSRF protection.

9b36f8be · Alan Mitchell · 400a6975 · 9b36f8be
Commit 9b36f8be authored Dec 18, 2019 by Alan Mitchell
Hide whitespace changes
Inline Side-by-side

Showing with 6 additions and 0 deletions

bmsapp/views_api_v2.py bmsapp/views_api_v2.py +6 -0

No files found.
--- a/bmsapp/views_api_v2.py
+++ b/bmsapp/views_api_v2.py
@@ -6,6 +6,7 @@ from collections import Counter
 import pytz
 from django.http import JsonResponse
 from dateutil.parser import parse
+from django.views.decorators.csrf import csrf_exempt

 from bmsapp import models
 from bmsapp.readingdb import bmsdata
@@ -22,6 +23,7 @@ API_VERSION = 2.0
 # Make a logger for this module
 _logger = logging.getLogger('bms.' + __name__)

+@csrf_exempt
 def api_version(request):
    """API method that returns the version number of the API
    """
@@ -34,6 +36,7 @@ def api_version(request):

    return JsonResponse(result)

+@csrf_exempt
 def sensor_readings(request):
    """API Method.  Returns readings from multiple sensors, perhaps time-averaged
    and filtered by a date/time range.
@@ -176,6 +179,7 @@ def sensor_readings(request):
        }
        return JsonResponse(result, status=500)

+@csrf_exempt
 def sensors(request):
    """Returns information about one or more sensors.

@@ -288,6 +292,7 @@ def sensors(request):
        return JsonResponse(result, status=500)


+@csrf_exempt
 def buildings(request):
    """Returns information about one or more buildings.

@@ -414,6 +419,7 @@ def buildings(request):
        }
        return JsonResponse(result, status=500)

+@csrf_exempt
 def organizations(request):
    """Returns information about one or more organizations.