diff options
| author | Caine <caine@jihakuz.xyz> | 2026-04-02 23:12:16 +0100 |
|---|---|---|
| committer | Caine <caine@jihakuz.xyz> | 2026-04-02 23:12:16 +0100 |
| commit | 678650292c3bbeb576da16344e3c2fe3ad4f7e07 (patch) | |
| tree | ddb29d0f085eee809ca243d881394ed7cd0e0aff /kitchen/views_htmx.py | |
| parent | 1410108ac62e4edf90a313dd38f1b66bcc847037 (diff) | |
CSRF exempt HTMX views (localhost-only app)
Diffstat (limited to 'kitchen/views_htmx.py')
| -rw-r--r-- | kitchen/views_htmx.py | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/kitchen/views_htmx.py b/kitchen/views_htmx.py index 5fc7e67..7d011c9 100644 --- a/kitchen/views_htmx.py +++ b/kitchen/views_htmx.py @@ -7,6 +7,7 @@ from decimal import Decimal from django.http import HttpResponse from django.shortcuts import render, get_object_or_404 +from django.views.decorators.csrf import csrf_exempt from django.views.decorators.http import require_POST, require_http_methods from .models import ( @@ -194,6 +195,7 @@ def log_page(request): # --- HTMX Actions --- +@csrf_exempt @require_POST def pantry_add(request): name = request.POST.get("ingredient_name", "").strip() @@ -238,6 +240,7 @@ def pantry_add(request): return render(request, "kitchen/partials/pantry_table.html", ctx) +@csrf_exempt @require_http_methods(["DELETE"]) def pantry_delete(request, item_id): item = get_object_or_404(PantryItem, id=item_id) @@ -246,6 +249,7 @@ def pantry_delete(request, item_id): return render(request, "kitchen/partials/pantry_table.html", ctx) +@csrf_exempt @require_POST def shopping_generate(request): """Generate smart shopping list and return updated HTML.""" @@ -293,6 +297,7 @@ def shopping_generate(request): return render(request, "kitchen/partials/shopping_list.html", {"items": items}) +@csrf_exempt @require_POST def shopping_toggle(request, item_id): item = get_object_or_404(ShoppingListItem, id=item_id) @@ -305,6 +310,7 @@ def shopping_toggle(request, item_id): return render(request, "kitchen/partials/shopping_list.html", {"items": items}) +@csrf_exempt @require_POST def shopping_clear(request): ShoppingListItem.objects.filter(checked=True).delete() |
