views.py

@sensitive_variables()
@sensitive_post_parameters()
@require_POST
@csrf_exempt
def wiki_login(request):
    apikey = request.POST.get('apikey')
    user = request.POST.get('user')
    password = request.POST.get('password')

    if apikey != settings.WIKI_API_KEY:
        return HttpResponseForbidden('{"status":"error","msg":"invalid key"}')
    if user is None or password is None:
        return HttpResponseBadRequest(
            '{"status":"error","msg":"Missing username or password"}',
            content_type='application/json')
    raise Exception('derp')