Merge pull request #11 from EventAccess/pr-fix-scanned-1

oddstr13 · web-flow · commit 75a51f79ce48 · 2024-10-20T01:41:19.000+02:00
Fix API endpoint `scanned`
diff --git a/backendapi/views.py b/backendapi/views.py
@@ -1,18 +1,20 @@
 from django.shortcuts import render
+from django.views.decorators.csrf import csrf_exempt
 from django.views.decorators.http import require_POST
 from django.views.decorators.cache import never_cache
 from django.http import JsonResponse
 
 from database.models import Attendant
 
 
+@csrf_exempt
 @require_POST
 @never_cache
 def scanned(request, tag: bytes):
     try:
-        attendant = Attendant.objects.get(tag=tag)
+        attendant = Attendant.objects.get(nfc_id=tag)
         # TODO: Queue event
         return JsonResponse({"valid": attendant.is_valid}, status=202)
 
     except Attendant.DoesNotExist:
-        return JsonResponse({"error": "No such tag"}, status=404)
+        return JsonResponse({"error": "No such tag", "valid": False}, status=404)
diff --git a/config/settings.py b/config/settings.py
@@ -25,7 +25,7 @@
 # SECURITY WARNING: don't run with debug turned on in production!
 DEBUG = True
 
-ALLOWED_HOSTS = []
+ALLOWED_HOSTS = ["*"]
 
 
 # Application definition
