Requiring HTTP methods

Published December 11, 2007. Filed under: Django.

Just a quick tip today: someone on IRC tonight was asking for an easy way to write a Django view which restricts itself to only allowing a specific HTTP method or methods. For example, a web-based API might want to only allow POST to specific views.

This is actually pretty easy to do with a set of decorators built in to Django, in the module django.views.decorators.http. Specifically, the fix for ticket #703 added three useful things to that module:

Also in that module is the decorator conditional_page, which provides helpful support for conditional GET; it has the same effect as django.middleware.http.ConditionalGetMiddleware, but as a decorator which only applies to a single view.

These have all been a part of Django for a couple years now, but unfortunately came in at a time when we weren’t quite as strict about requiring new functionality to include documentation before being checked in, so the official docs are somewhat lacking for these. I’ve opened a ticket (#6181 for those who are interested) for that, and if nobody else beats me to it I’ll work on it the next time I have a chance.