diff --git a/vrobbler/apps/scrobbles/views.py b/vrobbler/apps/scrobbles/views.py index 0ff66c8..ec9d629 100644 --- a/vrobbler/apps/scrobbles/views.py +++ b/vrobbler/apps/scrobbles/views.py @@ -427,8 +427,8 @@ class KoReaderImportCreateView(LoginRequiredMixin, JsonableResponseMixin, Create return HttpResponseRedirect(self.request.META.get("HTTP_REFERER")) -@api_view(["GET"]) @permission_classes([IsAuthenticated]) +@api_view(["GET"]) def lastfm_import(request): lfm_import, created = LastFmImport.objects.get_or_create( user=request.user, processed_finished__isnull=True @@ -493,9 +493,9 @@ def web_scrobbler_webhook(request): return JsonResponse({"scrobble_id": scrobble.id}, status=status.HTTP_200_OK) -@api_view(["POST"]) -@permission_classes([IsAuthenticated]) @csrf_exempt +@permission_classes([IsAuthenticated]) +@api_view(["POST"]) def jellyfin_webhook(request): post_data = request.data logger.info( @@ -529,9 +529,9 @@ def jellyfin_webhook(request): return Response({"scrobble_id": scrobble.id}, status=status.HTTP_200_OK) -@api_view(["POST"]) -@permission_classes([IsAuthenticated]) @csrf_exempt +@permission_classes([IsAuthenticated]) +@api_view(["POST"]) def mopidy_webhook(request): try: data_dict = json.loads(request.data) @@ -554,9 +554,9 @@ def mopidy_webhook(request): return Response({"scrobble_id": scrobble.id}, status=status.HTTP_200_OK) -@api_view(["POST"]) -@permission_classes([IsAuthenticated]) @csrf_exempt +@permission_classes([IsAuthenticated]) +@api_view(["POST"]) def gps_webhook(request): try: data_dict = json.loads(request.data) @@ -584,10 +584,10 @@ def gps_webhook(request): return Response({"scrobble_id": scrobble.id}, status=status.HTTP_200_OK) +@csrf_exempt +@permission_classes([IsAuthenticated]) @api_view(["POST"]) @parser_classes([MultiPartParser]) -@permission_classes([IsAuthenticated]) -@csrf_exempt def import_audioscrobbler_file(request): """Takes a TSV file in the Audioscrobbler format, saves it and processes the scrobbles. @@ -603,8 +603,8 @@ def import_audioscrobbler_file(request): return Response(file_serializer.errors, status=status.HTTP_400_BAD_REQUEST) -@api_view(["GET"]) @permission_classes([IsAuthenticated]) +@api_view(["GET"]) def scrobble_start(request, uuid): logger.info( "[scrobble_start] called", @@ -694,8 +694,8 @@ def scrobble_longplay_finish(request, uuid): return HttpResponseRedirect(success_url) -@api_view(["GET"]) @permission_classes([IsAuthenticated]) +@api_view(["GET"]) def scrobble_finish(request, uuid): user = request.user success_url = request.META.get("HTTP_REFERER") @@ -718,8 +718,8 @@ def scrobble_finish(request, uuid): return HttpResponseRedirect(success_url) -@api_view(["GET"]) @permission_classes([IsAuthenticated]) +@api_view(["GET"]) def scrobble_cancel(request, uuid): user = request.user success_url = reverse_lazy("vrobbler-home") @@ -740,8 +740,8 @@ def scrobble_cancel(request, uuid): return HttpResponseRedirect(request.META.get("HTTP_REFERER")) -@api_view(["GET"]) @permission_classes([IsAuthenticated]) +@api_view(["GET"]) def export(request): format = request.GET.get("export_type", "csv") start = request.GET.get("start") diff --git a/vrobbler/apps/tasks/views.py b/vrobbler/apps/tasks/views.py index 975a625..0b15481 100644 --- a/vrobbler/apps/tasks/views.py +++ b/vrobbler/apps/tasks/views.py @@ -24,9 +24,9 @@ class TaskDetailView(ScrobbleableDetailView): model = Task -@api_view(["GET"]) -@permission_classes([IsAuthenticated]) @csrf_exempt +@permission_classes([IsAuthenticated]) +@api_view(["GET"]) def todoist_oauth(request): logger.info( "[todoist_oauth] called", diff --git a/vrobbler/apps/tasks/webhooks.py b/vrobbler/apps/tasks/webhooks.py index 9c881c8..21b8fab 100644 --- a/vrobbler/apps/tasks/webhooks.py +++ b/vrobbler/apps/tasks/webhooks.py @@ -17,9 +17,9 @@ from scrobbles.scrobblers import ( logger = logging.getLogger(__name__) -@api_view(["POST"]) -@permission_classes([IsAuthenticated]) @csrf_exempt +@permission_classes([IsAuthenticated]) +@api_view(["POST"]) def todoist_webhook(request): post_data = request.data logger.info( @@ -115,9 +115,9 @@ def todoist_webhook(request): return Response({"scrobble_id": scrobble.id}, status=status.HTTP_200_OK) -@api_view(["POST"]) -@permission_classes([IsAuthenticated]) @csrf_exempt +@permission_classes([IsAuthenticated]) +@api_view(["POST"]) def emacs_webhook(request): try: post_data = json.loads(request.data)