X-Git-Url: https://git.mdrn.pl/wolnelektury.git/blobdiff_plain/1cfd896963379af2d46a08dde3a3cbb24763066c..bdf5017081b6f2017bed812c8276a9b693d8c564:/apps/api/urls.py?ds=inline diff --git a/apps/api/urls.py b/apps/api/urls.py index a22f3b772..f9f9c2279 100644 --- a/apps/api/urls.py +++ b/apps/api/urls.py @@ -1,10 +1,11 @@ # -*- coding: utf-8 -*- from django.conf.urls.defaults import * -from piston.authentication import OAuthAuthentication +from django.views.decorators.csrf import csrf_exempt +from piston.authentication import OAuthAuthentication, oauth_access_token from piston.resource import Resource from api import handlers -from catalogue.models import Book +from api.helpers import CsrfExemptResource auth = OAuthAuthentication(realm="Wolne Lektury") @@ -12,7 +13,7 @@ book_changes_resource = Resource(handler=handlers.BookChangesHandler) tag_changes_resource = Resource(handler=handlers.TagChangesHandler) changes_resource = Resource(handler=handlers.ChangesHandler) -book_list_resource = Resource(handler=handlers.BooksHandler, authentication=auth) +book_list_resource = CsrfExemptResource(handler=handlers.BooksHandler, authentication=auth) #book_list_resource = Resource(handler=handlers.BooksHandler) book_resource = Resource(handler=handlers.BookDetailHandler) @@ -22,13 +23,13 @@ tag_resource = Resource(handler=handlers.TagDetailHandler) fragment_resource = Resource(handler=handlers.FragmentDetailHandler) fragment_list_resource = Resource(handler=handlers.FragmentsHandler) -picture_resource = Resource(handler=handlers.PictureHandler, authentication=auth) +picture_resource = CsrfExemptResource(handler=handlers.PictureHandler, authentication=auth) urlpatterns = patterns( 'piston.authentication', url(r'^oauth/request_token/$', 'oauth_request_token'), url(r'^oauth/authorize/$', 'oauth_user_auth'), - url(r'^oauth/access_token/$', 'oauth_access_token'), + url(r'^oauth/access_token/$', csrf_exempt(oauth_access_token)), ) + patterns('', url(r'^$', 'django.views.generic.simple.direct_to_template',