Revert "getting rid of csrf validation on this mixin the right way, decorating dispatch"

This reverts commit 385341f9.

Revert "getting rid of csrf validation on this mixin the right way, decorating dispatch"
This reverts commit 385341f9.
f94b1884 · Okhin · b4c60a89 · f94b1884 · f94b1884
Commit f94b1884 authored May 22, 2017 by Okhin
Showing with 4 additions and 7 deletions

src/memopol/templates/_position_form_modal.html src/memopol/templates/_position_form_modal.html +4 -1

src/representatives_positions/views.py src/representatives_positions/views.py +0 -6

No files found.
--- a/src/memopol/templates/_position_form_modal.html
+++ b/src/memopol/templates/_position_form_modal.html
@@ -13,6 +13,9 @@
        </div>

        <div class="modal-body">
+
+          {% csrf_token %}
+
          <div class="row">
            <div class="col-sm-12">
              <div class="well well-sm text-justify">{% include "text/position_info.html" %}</div>
@@ -93,4 +96,4 @@
       $("#add-position-success").modal("show");
    });
  </script>
-{% endif %}
+{% endif %}
\ No newline at end of file
--- a/src/representatives_positions/views.py
+++ b/src/representatives_positions/views.py
 from django.views import generic
-from django.views.decorators.csrf import csrf_exempt

 from .forms import PositionForm

@@ -16,11 +15,6 @@ class PositionFormMixin(generic.View):
    position_form = None
    position_created = False

-    @csrf_exempt
-    def dispatch(self, request, *args, **kwargs):
-        return super(PositionFormMixin, self).dispatch(
-            request, *args, **kwargs)
-
    def post(self, request, *args, **kwargs):
        if 'position-representatives' in request.POST:
            self.position_form = PositionForm(request.POST, prefix='position')