Closed ajayaa closed 4 years ago
@chirag200666 This decorator will be helpful for parsing from fronted wherein the frontend would see 401 status instead of a redirected url. I think the frontend (for e.g. the typeahead.js lib) won't be able to make sense when it gets a redirected web-page.
What if we add the login_required decorator at both the search api view and the search page view, so that only a user who is logged in can throw a search query ?
@ajayaa for general restriction @login_required decorator is enough ( docs : https://docs.djangoproject.com/en/1.7/topics/auth/default/#the-login-required-decorator ). the permission decorator is useful when only specific set of users should be given access to certain pages