Django @csrf_exempt not working in class View

Question

I have an application in Django 1.9 that uses SessionMiddleware. I would like to create an API for this application inside the same project, but when doing a POST request it

Answer 1

DO NOT USE csrf_exempt with Django REST framework.

This won't work because the SessionAuthentication enforces the csrf check anyway.

Please make sure you use the csrf token in your AJAX requests. Django has a comprehensive documentation about it