Pregunta de entrevista de ErnieApp
Django REST framework provides CSRF protection. When should it be used?
Respuesta de la entrevista
Anónimo
15 de abr de 2020
CSRF should be used when using SessionAuthentication in order to make sure that only the AJAX requests from the same context as the API are allowed. If you want your API to be publicly available you should probably look at TokenAuthentication or implement your own authentication backend.