Запрещено (не установлен файл cookie CSRF): /517775/пользователи/одобрить-отклонить/4
@method_decorator(csrf_exempt, name='dispatch')
class ApproveOrDeclineUserView(APIView):
def patch(self, request, org_code, user_id):
try:
organization = Organization.objects.get(code=org_code)
except Organization.DoesNotExist:
return Response({'detail': 'Invalid organization code'}, status=status.HTTP_404_NOT_FOUND)
try:
user = ClientUser.objects.get(id=user_id, organization=organization)
except ClientUser.DoesNotExist:
return Response({'detail': 'User not found in this organization'}, status=status.HTTP_404_NOT_FOUND)
decision = request.data.get('decision')
if decision == 'accept':
user.is_active = True
user.status = 'Active'
user.save()
# Email credentials
send_mail(
subject='Your Account Has Been Approved',
message=f"Hello {user.full_name},\n\n"
f"Your account has been approved.\n\n"
f"Login here: {settings.FRONTEND_URL}{organization.code}/login\n\n"
f"Welcome aboard!\n\n"
f"Best regards,\n"
f"ISapce Team\n\n"
f"If you have any questions, feel free to reach out to us via email at samsoncoded@gmail.com",
from_email=settings.EMAIL_HOST_USER,
recipient_list=[user.email],
fail_silently=False,
)
return Response({'message': 'User approved and email sent.'}, status=status.HTTP_200_OK)
elif decision == 'decline':
user.delete()
return Response({'message': 'User account declined and deleted.'}, status=status.HTTP_200_OK)
return Response({'detail': 'Invalid decision. Must be "accept" or "decline".'}, status=status.HTTP_400_BAD_REQUEST)
Я застрял. Может кто-нибудь, пожалуйста, сказать мне, где я все неправильно понимаю. Все остальные аспекты приложения работают, но в тот момент, когда я пытаюсь получить доступ к конечной точке, я получаю сообщение об ошибке 403.