diff --git a/user/viewsets.py b/user/viewsets.py index 2eef9ac..1831bc9 100644 --- a/user/viewsets.py +++ b/user/viewsets.py @@ -1,4 +1,7 @@ from django.contrib.auth import authenticate, login, logout +from django.views.decorators.csrf import csrf_exempt +from django.utils.decorators import method_decorator + from rest_framework.decorators import action from rest_framework.permissions import AllowAny, IsAdminUser, IsAuthenticated @@ -77,6 +80,7 @@ class UserViewset(ActionBasedMixin, ModelViewSet): return Response(serializer.data) @action(detail=False, methods=["POST"]) + @method_decorator(csrf_exempt) def login(self, request): username = request.data["username"] password = request.data["password"]