mattdrayer/api-csrftoken: Include CSRF token in the response payload

57cd0f14 · Matt Drayer · Jonathan Piacenti · ee2aa4ed · 57cd0f14 · 57cd0f14
Commit 57cd0f14 authored May 14, 2014 by Matt Drayer Committed by Jonathan Piacenti Aug 20, 2015
Hide whitespace changes
Inline Side-by-side

Showing with 3 additions and 0 deletions

lms/djangoapps/api_manager/system/tests.py
+1 -0

lms/djangoapps/api_manager/system/views.py
+2 -0

No files found.
--- a/lms/djangoapps/api_manager/system/tests.py
+++ b/lms/djangoapps/api_manager/system/tests.py
@@ -69,6 +69,7 @@ class SystemApiTests(TestCase):
        self.assertIsNotNone(response.data['uri'])
        self.assertGreater(len(response.data['uri']), 0)
        self.assertEqual(response.data['uri'], test_uri)
+        self.assertGreater(len(response.data['csrf_token']), 0)
        self.assertIsNotNone(response.data['documentation'])
        self.assertGreater(len(response.data['documentation']), 0)
        self.assertIsNotNone(response.data['name'])

--- a/lms/djangoapps/api_manager/system/views.py
+++ b/lms/djangoapps/api_manager/system/views.py
 """ BASE API VIEWS """
+from django.middleware.csrf import get_token

 from rest_framework import status
 from rest_framework.response import Response
@@ -47,6 +48,7 @@ class ApiDetail(APIView):
        response_data['description'] = "Machine interface for interactions with Open edX."
        response_data['documentation'] = "http://docs.openedxapi.apiary.io"
        response_data['uri'] = base_uri
+        response_data['csrf_token'] = get_token(request)
        response_data['resources'] = []
        response_data['resources'].append({'uri': base_uri + 'courses'})
        response_data['resources'].append({'uri': base_uri + 'groups'})