Define SessionCsrfExemptAuthentication

onegeo_rproxy_mapstore2/rproxy.py

@@ -18,6 +18,8 @@ import logging
 
 from django.conf import settings
 from drfreverseproxy.views import ProxyView
+from rest_framework.authentication import BasicAuthentication
+from rest_framework.authentication import SessionAuthentication
 from rest_framework import permissions
 
 
@@ -28,9 +30,19 @@ ONEGEOSUITE_MAPSTORE_UPSTREAM = settings.ONEGEOSUITE_MAPSTORE_UPSTREAM
 ONEGEOSUITE_MAPSTORE_AUTH_HEADER = settings.ONEGEOSUITE_MAPSTORE_AUTH_HEADER
 
 
+class SessionCsrfExemptAuthentication(SessionAuthentication):
+    def enforce_csrf(self, request):
+        pass
+
+
 class MapstoreProxyView(ProxyView):
     upstream = ONEGEOSUITE_MAPSTORE_UPSTREAM
 
+    authentication_classes = [
+        SessionCsrfExemptAuthentication,
+        BasicAuthentication,
+    ]
+
     permission_classes = [
         permissions.AllowAny,
     ]
@@ -53,4 +65,3 @@ class MapstoreProxyView(ProxyView):
             headers[ONEGEOSUITE_MAPSTORE_AUTH_HEADER] = self.request.user.username
 
         return headers
-