Made Login route CSRF exempt

pennlabs · Mar 28, 2023 · 3144fc2 · 3144fc2
1 parent 308691d
commit 3144fc2
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 1 deletion.
diff --git a/accounts/views.py b/accounts/views.py
@@ -7,7 +7,9 @@
 from django.shortcuts import get_object_or_404, redirect
 from django.urls import reverse
 from django.utils import timezone
+from django.utils.decorators import method_decorator
 from django.views import View
+from django.views.decorators.csrf import csrf_exempt
 from requests_oauthlib import OAuth2Session
 
 from accounts.models import AccessToken, RefreshToken
@@ -116,6 +118,7 @@ def get(self, request):
         return redirect(return_to)
 
 
+@method_decorator(csrf_exempt, name="dispatch")
 class TokenView(View):
     """
     View for token-based authentication, specifically for mobile products that

diff --git a/pyproject.toml b/pyproject.toml
@@ -1,6 +1,6 @@
 [tool.poetry]
 name = "django-labs-accounts"
-version = "0.9.1"
+version = "0.9.2"
 description = "Reusable Django app for Penn Labs accounts"
 authors = ["Penn Labs <[email protected]>"]
 license = "MIT"