2

I have a simple rest api which I want to send a post request to using requests.

My url pattern is this:

url(r'^$', views.ProductList.as_view())

Inside my view I have:

class ProductList(generics.ListAPIView):
    serializer_class = ProductSerializer

    def post(self, request, format=None):
        print('THIS IS A POST REQUEST')
        queryset = [product.name for product in Product.objects.all()]
        return Response(queryset)

And I am trying to send a post request using:

response = requests.post('http://127.0.0.1:8080/')

However this returns a 403, and the print statement isn't printed. I have done some research and I think it may have something to do with the CSRF token not being there but i'm not to sure how to add that. Does anybody know how I can get the post request to work?

I'm using python 3.6.3 and Django 1.10

Improve this question
13
  • add the urls. your endpoint needs to be a url connected to the view Commented May 19, 2018 at 20:36
  • stackoverflow.com/questions/27315592/… csrf exempt your view Commented May 19, 2018 at 20:37
  • @harshil9968 Thanks. I've added as they've said but still getting 403 Commented May 19, 2018 at 21:20
  • 403 can also mean that the view expects a logged-in user. Is that the case in your setup? Commented May 19, 2018 at 21:28
  • 1
    @BernardParah sorry that /products shouldn't be there. I went into the Rest Framework Permissions and changed it to AllowAny. Not sure if that's the best way to do it but it now works Commented May 19, 2018 at 21:44

1 Answer 1

Reset to default
1

ListAPIView is meant for only listing your products hence the POST requests are forbidden.

ListAPIView

Used for read-only endpoints to represent a collection of model instances.

taken from Django Rest Framework documentation

You should use ListCreateAPIView:

class ProductList(generics.ListCreateAPIView):
    """
    List all products or create a product.
    """
    queryset = Product.objects.all()
    serializer_class = ProductSerializer
Improve this answer
Sign up to request clarification or add additional context in comments.

7 Comments

I'm still getting the 403. If I use this what permissions should I have for it. I don't really need any permissions in general on my site, so anything which would allow the post request to be sent to the API.
Where exactly are you sending the post request from? Are you still using your self-defined post function? Why are you using queryset = [product.name for product in Product.objects.all()] for a post request? If you want to create a product in your backend, simply use ListCreateAPIView and send the necessary data according to your serializer using the class above.
im sending the post request using python requests. I understand what you are saying about the queryset variable, but I'm still confused about how I would go about adding to the database then by using ListCreateAPIView
is the python request from another server? Why do you need an API if not. You need to send a post request with form data that contains the json representation of your ProductSerializer (should be a ModelSerializer else you need to manually create the object when receiving the data)
right now its all from the same computer, however once it's finished I intend to put it on a server which is why I need the API. I am sending it a post request using request.post(the URL, json={data here}) this command is just running through a python shell on my computer
|

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.