search

blubber / django_injector

Dependency injection in Django.
BSD 2-Clause "Simplified" License
49 stars 7 forks source link

Task: https://github.com/blubber/django_injector/issues/19 #20

Closed whysage closed 2 years ago

whysage commented 2 years ago

Desc: fix csrf_exempt for graphene django

blubber commented 2 years ago

Thanks! I was about to look into this issue, great timing ;).

The solution seems fine to me, it works because GraphQLView does not override as_view, however, other apps might override it like DRF does, and those apps will need specific workarounds in django_injector, just like DRF. So keep in mind that this is not a generic solution for class based views.

Also, it appears the same bug exists in function based views, the function wrap_function completely ignores the view function's csrf exemption status. Could you perhaps add a similar check to wrap_function at line 92?

whysage commented 2 years ago

Hi @blubber! Thanks for reply. Please check https://github.com/blubber/django_injector/pull/20/commits/2800e5c34f90ae2e75aef2e251cd5937a168ec9d

blubber commented 2 years ago

Going to wait for the actions to finish and than I'll push out a new version to pypi.

whysage commented 2 years ago

Thank you :-)

blubber commented 2 years ago

Just pushed v0.2.5 to pypi, thanks!

whysage commented 2 years ago

Just pushed v0.2.5 to pypi, thanks! Cool :-)