This is auth_data_required decorator analogous to login_required where authentication data must come in POST of request. It's useful for API. I took the idea from [Tumblr API](http://www.tumblr.com/docs/en/api).
These generic views extend default views so that they also do permission checking on per-object basis. * detail, update and delete - check access for user * create - create permissions for user on object * list - narrow object list with permissions Classes prefixed with Owned are example implementation where user has access to object if designed object attribute references him. Example: `create_article = OwnedCreateView.as_view(owner='creator', model=Article, form_class=ArticleForm, success_url='/articles/article/%(id)d')`
mwicat has posted 2 snippets.