From 5485103305f725358e97f332a0648b7f98210641 Mon Sep 17 00:00:00 2001
From: Sylvain Le Bon <sylvain@happy-dev.fr>
Date: Fri, 22 Dec 2017 12:31:50 +0100
Subject: [PATCH] bugfix: Force no CSRF

---
 views.py | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/views.py b/views.py
index 3437eadc..8aad72cb 100644
--- a/views.py
+++ b/views.py
@@ -3,6 +3,7 @@ from django.apps import apps
 from django.conf import settings
 from django.conf.urls import url
 from django.utils.decorators import classonlymethod
+from rest_framework.authentication import SessionAuthentication
 from rest_framework.renderers import JSONRenderer
 from rest_framework.parsers import JSONParser
 from rest_framework.viewsets import ModelViewSet
@@ -20,11 +21,16 @@ class JSONLDParser(JSONParser):
         data = super(JSONLDParser, self).parse(stream, media_type, parser_context)
         return jsonld.compact(data, ctx=data["@context"])
 
+class NoCSRFAuthentication(SessionAuthentication):
+    def enforce_csrf(self, request):
+        return
+
 
 class LDPViewSet(ModelViewSet):
     model = None
     renderer_classes = (JSONLDRenderer, )
     parser_classes = (JSONLDParser, )
+    authentication_classes = (NoCSRFAuthentication,)
     
     def __init__(self, **kwargs):
         super().__init__(**kwargs)
-- 
GitLab