Is your feature request related to a problem? Please describe.
Django REST Framework uses various decorators including @api_view, @permission_classes, @authentication_classes, and @csrf_exempt. This last one actually comes from Django but allows the developer to disable csrf for a specific call, which is needed if you plan on having an open API.
At the moment, we cannot have csrf_exempt controllers unless the login_required parameter is set to False, and thecontroller decorator needs to be sandwiched between @csrf_exempt and @api_view.
# This works
@api_view(['POST'])
@permission_classes([AllowAny])
@controller(name='my_app', url='my-app/api/call', app_workspace=True, login_required=False)
@csrf_exempt
def api_call(request, app_workspace):
pass
# This does not
@api_view(['POST'])
@permission_classes([AllowAny])
@csrf_exempt
@controller(name='my_app', url='my-app/api/call', app_workspace=True)
def api_call(request, app_workspace):
pass
Describe alternatives you've considered
It would be nice if the Tethys controller could be extended to accept any additional decorator as part of a new parameter in the order they are provided. That would take care of any future decorator issues in an elegant way.
Is your feature request related to a problem? Please describe. Django REST Framework uses various decorators including @api_view, @permission_classes, @authentication_classes, and @csrf_exempt. This last one actually comes from Django but allows the developer to disable csrf for a specific call, which is needed if you plan on having an open API.
At the moment, we cannot have csrf_exempt controllers unless the login_required parameter is set to False, and thecontroller decorator needs to be sandwiched between @csrf_exempt and @api_view.
Describe the solution you'd like
Describe alternatives you've considered It would be nice if the Tethys controller could be extended to accept any additional decorator as part of a new parameter in the order they are provided. That would take care of any future decorator issues in an elegant way.