o ʎ_@sddlmZddlmZmZddlmZeeZde_de_ GdddeZ ee Z de _d e _ Gd d d eZ ee Z d e _d e _ ddZdS))wraps)CsrfViewMiddleware get_token)decorator_from_middleware csrf_protectz This decorator adds CSRF protection in exactly the same way as CsrfViewMiddleware, but it can be used on a per view basis. Using both, or using the decorator multiple times, is harmless and efficient. c@seZdZddZdS)_EnsureCsrfTokencCdSNselfrequestreasonr r >/usr/lib/python3/dist-packages/django/views/decorators/csrf.py_rejectz_EnsureCsrfToken._rejectN)__name__ __module__ __qualname__rr r r rrs rrequires_csrf_tokenz Use this decorator on views that need a correct csrf_token available to RequestContext, but without the CSRF protection that csrf_protect enforces. cs$eZdZddZfddZZS)_EnsureCsrfCookiecCrr r r r r rrrz_EnsureCsrfCookie._rejectcst||||}t||Sr )super process_viewr)r r callback callback_argscallback_kwargsretval __class__r rr"sz_EnsureCsrfCookie.process_view)rrrrr __classcell__r r rrrsrensure_csrf_cookiez Use this decorator to ensure that a view sets a CSRF cookie, whether or not it uses the csrf_token template tag, or the CsrfViewMiddleware is used. csfdd}d|_t|S)zCMark a view function as being exempt from the CSRF view protection.cs|i|Sr r )argskwargs view_funcr r wrapped_view5sz!csrf_exempt..wrapped_viewT) csrf_exemptr)r$r%r r#rr&1s  r&N) functoolsrdjango.middleware.csrfrrdjango.utils.decoratorsrrr__doc__rrrr r&r r r rs