[Django]-How do you include a csrf token when testing a POST endpoint in django?

44👍

Actually, django doesn’t enforce (by default) csrf checking with tests, as per https://docs.djangoproject.com/en/dev/ref/contrib/csrf/#testing:

The CsrfViewMiddleware will usually be a big hindrance to testing view
functions, due to the need for the CSRF token which must be sent with
every POST request. For this reason, Django’s HTTP client for tests
has been modified to set a flag on requests which relaxes the
middleware and the csrf_protect decorator so that they no longer
reject requests. In every other respect (e.g. sending cookies etc.),
they behave the same.

If, for some reason, you want the test client to perform CSRF checks,
you can create an instance of the test client that enforces CSRF
checks:

```python
from django.test import Client

csrf_client = Client(enforce_csrf_checks=True)
```

However, this does require you to be using the Django Client vs requests; as far as I know, Django doesn’t mock/instrument/etc. requests… so you’re actually hitting the real server when you run that unit test.

Also note that you should name your test functions something that starts with test_

So something like this (when run through django manage.py test .ProjectEndpoint)

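```python
from django.test import TestCase, Client

class ProjectEndpoint(TestCase):
    def test_post_endpoint(self):
        data = {'hello': '23'}
        c = Client()
        # optional, but may be necessary for your configuration:
        # c.login(username="username", password="password")
        # the Django test client takes the POST body as `data` (`params` is the requests keyword)
        response = c.post('/api/project', data=data)
        self.assertEqual(response.status_code, 200)
```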
👤Foon
