# HG changeset patch
# User ymh <ymh.work@gmail.com>
# Date 1460027676 -7200
# Node ID fa80b0104695246b8715c0684dfc72a054f47efd
# Parent  5b3b5835338a3b6475ead6b8db97bc64c424e19c
It is not up to the generic api to decide on CSRF policy. This must be left to client applications

diff -r 5b3b5835338a -r fa80b0104695 server/python/django2/renkanmanager/api/views.py
--- a/server/python/django2/renkanmanager/api/views.py	Tue Apr 05 18:32:47 2016 +0200
+++ b/server/python/django2/renkanmanager/api/views.py	Thu Apr 07 13:14:36 2016 +0200
@@ -20,7 +20,6 @@
                                       CanEditWorkspace, CanDeleteWorkspace, CanCreateWorkspace, \
                                       CanDeleteRevision
 from renkanmanager.serializers import RenkanSerializer, RevisionSerializer, WorkspaceSerializer
-from renkanmanager.auth import CsrfExemptSessionAuthentication
 from rest_framework import permissions, status
 from rest_framework.response import Response
 from rest_framework.views import APIView
@@ -87,7 +86,6 @@
         CanEditRenkan,
         CanDeleteRenkan,
     )
-    authentication_classes = tuple(APIView.authentication_classes) + (CsrfExemptSessionAuthentication,)
 
     @csrf_exempt
     def dispatch(self, *args, **kwargs):