def _HandleApi(self, request): """Handles API requests.""" # Checks CSRF token. CSRF token cookie is updated when homepage is visited # or via GetPendingUserNotificationsCount API call. ValidateCSRFTokenOrRaise(request) response = http_api.RenderHttpResponse(request) # GetPendingUserNotificationsCount is an API method that is meant # to be invoked very often (every 10 seconds). So it's ideal # for updating the CSRF token. # We should also store the CSRF token if it wasn't yet stored at all. if (("csrftoken" not in request.cookies) or response.headers.get( "X-API-Method", "") == "GetPendingUserNotificationsCount"): StoreCSRFCookie(request.user, response) return response
def _RenderResponse(self, request): return http_api.RenderHttpResponse(request)