Merge branch '195-csrf-verification-failed-csrf-cookie-when-submitting-forms' into 'master'

Let's enforce csrf on home, it seems the cookie is never sent to the client only… Closes #195 See merge request !204

Merge branch '195-csrf-verification-failed-csrf-cookie-when-submitting-forms' into 'master'
Let's enforce csrf on home, it seems the cookie is never sent to the client only… Closes #195 See merge request !204
592fc6d7 · okhin · c8d4df46 · 8cc240ed · 592fc6d7
Commit 592fc6d7 authored May 23, 2017 by okhin 🚴
Hide whitespace changes
Inline Side-by-side

Showing with 6 additions and 0 deletions

src/memopol/views/home.py src/memopol/views/home.py +6 -0

No files found.
--- a/src/memopol/views/home.py
+++ b/src/memopol/views/home.py
@@ -5,6 +5,8 @@ import random
 from django.db.models import Q, Count
 from django.views import generic
+from django.utils.decorators import method_decorator
+from django.views.decorators.csrf import csrf_protect
 from representatives.models import Chamber, Representative
 from representatives_positions.views import PositionFormMixin
@@ -20,6 +22,10 @@ class HomeView(PositionFormMixin, RepresentativeViewMixin,
               generic.TemplateView):
    template_name = 'home.html'
+    @method_decorator(csrf_protect)
+    def dispatch(self, *args, **kwargs):
+        return super(HomeView, self).dispatch(*args, **kwargs)
    def get_context_data(self, **kwargs):
        c = super(HomeView, self).get_context_data(**kwargs)