1. Jesper Nøhr
  2. django-piston
Issue #207 invalid

Anonymous users cannot use POST

Valentin Lorentz
created an issue

Hi,

I want to enable clients to register through the API, but it seems all POST requests are forbidden for unauthenticated clients, while GET is allowed.

Here is my code: {{{

!python

class AnonymousPeopleHandler(AnonymousBaseHandler): allowed_methods = ('GET',) model = People fields = ('username', 'server',)

def read(self, request, username=None):
    """Returns either a list of all people registered, or the
    user matching the username (wildcard not allowed)."""
    if username is None:
        return People.objects.all()
    else:
        try:
            return People.objects.get(username=username, server=server)
        except People.DoesNotExist:
            return rc.NOT_FOUND

@validate(PeopleForm, 'POST')
def create(self, request):
    people = request.form.save()
    return rc.CREATED

class PeopleHandler(BaseHandler): anonymous = AnonymousPeopleHandler model = anonymous.model fields = anonymous.fields

def read(self, request, username=None):
    return self.anonymous().read(request, username)

def create(self, request):
    return self.anonymous().read(request)

def update(self, request):
    # TODO: write this
    pass

people_handler = Resource(PeopleHandler, authentication=auth)

}}}

Regards, ProgVal

Comments (1)

  1. Log in to comment