Django API测试：CSRF异常

Question

I'm trying to test updating a value, in this example a location's timeslot (each location can have many timeslots, a timeslot has 1 location), with a PUT request. I'd like to update location_id 1 , timeslot 1 's filled attribute to true .

I'm getting a "CSRF Failed: CSRF token missing or incorrect." error even though I've added @csrf_exempt above the function definition in views.

DHC PUT Request:

• localhost:1234/v1.0/location/1/timeslots/1
• body: {"filled" : "true"}

URL Patterns:

...
url(r'^v1.0/location/?/timeslots/?', content_views.location_detail),
...

Views.py:

class LocationViewSet(viewsets.ModelViewSet):
    queryset = Location.objects.all()
    serializer_class = LocationSerializer
    http_method_names = ['get', 'post', 'put']

@api_view(['GET', 'POST', 'PUT',])
@csrf_exempt
def location_detail(request, pk):

    try:
        location = Location.objects.get(pk=pk)
    except Location.DoesNotExist:
        return Response(status=status.HTTP_404_NOT_FOUND)

    if request.method == 'GET':
        serializer = LocationSerializer(location)
        return Response(serializer.data)

    elif request.method == 'PUT':
        serializer = LocationSerializer(location, data=request.data)
        if serializer.is_valid():
            serializer.save()
            return Response(serializer.data, status=status.HTTP_200_OK)
        return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)

Models.py:

class Location(models.Model):
    ...

class Timeslot(models.Model):
    name = models.CharField(max_length=200)
    time = models.DateTimeField(auto_now_add=True, null=True)
    location_id = models.ForeignKey(Location, related_name='timeslots')
    filled = models.BooleanField(default=False)

I'm not sure why I am getting the csrf issue despite the exemption.

Answer 1

try this:

@csrf_exempt
@api_view(['GET', 'POST', 'PUT',])
def location_detail(request, pk):
    ...