OiO.lk Community platform!

Oio.lk is an excellent forum for developers, providing a wide range of resources, discussions, and support for those in the developer community. Join oio.lk today to connect with like-minded professionals, share insights, and stay updated on the latest trends and technologies in the development field.
  You need to log in or register to access the solved answers to this problem.
  • You have reached the maximum number of guest views allowed
  • Please register below to remove this limitation

Protecting publicly accessable endpoints in Django and React

  • Thread starter Thread starter x945
  • Start date Start date
X

x945

Guest
I have an endpoint urls.py

Code:
from django.urls import path 
from . import views 

app_name = 'Main'
urlpatterns = [
    path("helloKitty/", views.helloKitty, name='helloKitty'),
]

views.py

Code:
def helloKitty(request):
    hello = pd.read_csv('static/data/helloKitty_data.csv')
    hello = hello.to_json(orient='records')
    return HttpResponse(hello)

It's currently accessible by anyone at /helloKitty and it needs to be prevented.

I use React on the front-end to access this endpoint and retrieve the data

Code:
import React from "react";
import { create } from 'zustand';
import axios from 'axios';

const kittyStore = create((set) => ({
    kitten: [],

    fetchKitty: async () => {
        const response = await axios.get('/helloKitty');
        const hello = response.data.map((h) => {
            return {
                name: h.name,
                age: h.age,
            }
        });
        set({ kitten })
    },
}));

export default kittyStore;

The endpoints /helloKitty needs to be protected from being publicly accessible, and just the React app can view and fetch the data.

<p>I have an endpoint
urls.py</p>
<pre><code>from django.urls import path
from . import views

app_name = 'Main'
urlpatterns = [
path("helloKitty/", views.helloKitty, name='helloKitty'),
]

</code></pre>
<p>views.py</p>
<pre><code>def helloKitty(request):
hello = pd.read_csv('static/data/helloKitty_data.csv')
hello = hello.to_json(orient='records')
return HttpResponse(hello)
</code></pre>
<p>It's currently accessible by anyone at /helloKitty and it needs to be prevented.</p>
<p>I use React on the front-end to access this endpoint and retrieve the data</p>
<pre><code>import React from "react";
import { create } from 'zustand';
import axios from 'axios';

const kittyStore = create((set) => ({
kitten: [],

fetchKitty: async () => {
const response = await axios.get('/helloKitty');
const hello = response.data.map((h) => {
return {
name: h.name,
age: h.age,
}
});
set({ kitten })
},
}));

export default kittyStore;
</code></pre>
<p>The endpoints <code>/helloKitty</code> needs to be protected from being publicly accessible, and just the React app can view and fetch the data.</p>
 

Latest posts

Online statistics

Members online
0
Guests online
5
Total visitors
5
Top