Edit the file, and add the following.

Note that because we want to be able to POST to this view from clients that won't have a CSRF token we need to mark the view as . This isn't something that you'd normally want to do, and REST framework views actually use more sensible behavior than this, but it'll do for our purposes right now.

Finally we need to wire these views up. Create the file:

It's worth noting that there are a couple of edge cases we're not dealing with properly at the moment. If we send malformed , or if a request is made with a method that the view doesn't handle, then we'll end up with a 500 "server error" response. Still, this'll do for now.