ref(controller): disable CSRF token authn/authz

Author: Matthew Fisher

client/deis.py

@@ -152,16 +152,8 @@ def _get_name_from_git_remote(self, git_root):
 
     def request(self, *args, **kwargs):
         """
-        Issue an HTTP request with proper cookie handling including
-        `Django CSRF tokens <https://docs.djangoproject.com/en/dev/ref/contrib/csrf/>`
-        """
-        for cookie in self.cookies:
-            if cookie.name == 'csrftoken':
-                if 'headers' in kwargs:
-                    kwargs['headers']['X-CSRFToken'] = cookie.value
-                else:
-                    kwargs['headers'] = {'X-CSRFToken': cookie.value}
-                break
+        Issue an HTTP request with proper cookie handling
+        """
         url = args[1]
         if 'headers' in kwargs:
             kwargs['headers']['Referer'] = url

controller/deis/settings.py

@@ -104,7 +104,6 @@
 MIDDLEWARE_CLASSES = (
     'django.middleware.common.CommonMiddleware',
     'django.contrib.sessions.middleware.SessionMiddleware',
-    'django.middleware.csrf.CsrfViewMiddleware',
     'django.contrib.auth.middleware.AuthenticationMiddleware',
     'django.contrib.messages.middleware.MessageMiddleware',
     'api.middleware.VersionMiddleware',