Patch and Put API not working (CSRF Token)

[larsrei]

Hi,

I try to patch a attribute from a device. I try with patch and put. I have active session, I can create devices, search and delete without problem.

PUT brings django error CSRF

PUT /api/devices/?hostname=FD801129&attributes=%7B%27monitoring_status%27:%27ACTIVE%27%7D

`HTTP 403 Forbidden Allow: GET, POST, PUT, PATCH, OPTIONS Content-Type: application/json Vary: Accept

{ "error": { "message": "CSRF Failed: CSRF token missing or incorrect.", "code": 403 } }`

Patch brings only <Response [400]>

        Data={'hostname': device,
              'site_id': '1',
               'attributes' : {'monitoring_status':'INACTIVE'}
        }
    #Change           
    self.response=requests.patch(self.__server + 'devices/',data=json.dumps(Data),headers=self.__Headers, verify=False)

best regards, Lars

NSoT version 1.0.10

[jathanism]

@larsrei Are you using the official pynsot client when performing these operations? If not, would you mind giving it a try to see if your experience isn't improved?

I've never encountered any CSRF issues even just using curl from the CLI, so I'm a little confused as to why you might be running into this!

Pynsot can be downloaded here: https://github.com/dropbox/pynsot

Or w/ pip install pynsot

[larsrei]

Yes I try it with pynsot and it was not working for us. So I use own script. With further analyse the code and discuss with a coworker we now know that the patch function is not working for one attribute. We must fetch device with all attributes. Change one/two attribute from that devcice and than patch the complete device with all attributes.