Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Django --CSRF token missing or incorrect

Tags:

python

django

django-views

So I am getting Forbidden (403) CSRF verification failed. Request aborted. Reason given for failure: CSRF token missing or incorrect.
I have the 'django.middleware.csrf.CsrfViewMiddleware', in my middleware_classes. Here is my template

<form name="input" action="/login/" method="Post"> {% csrf_token %}
<input type="submit" value="Submit"></form>

Here is my view

from django.shortcuts import render_to_response
from django.core.context_processors import csrf
from django.template import RequestContext
def login(request):
     csrfContext = RequestContext(request)
     return render_to_response('foo.html', csrfContext)

Well I am new to Django and most web development, but I cannot seem to find the problem here. Any help would be much appreciated!

Also i have tried the method in the django documentation

c = {}
c.update(csrf(request))
# ... view code here
return render_to_response("a_template.html", c)
like image 376
daabears Avatar asked Oct 04 '12 16:10

daabears

3 Answers

Try adding the @csrf_protect decorator just before your login function.

from django.views.decorators.csrf import csrf_protect

@csrf_protect
def login(request):
     csrfContext = RequestContext(request)
     return render_to_response('foo.html', csrfContext)

If the form is not in foo.html then you need to add the @csrf_protect method to the view function that is generating it.

like image 158
Nathan Villaescusa Avatar answered Nov 10 '22 03:11

Nathan Villaescusa

I had the same problem with you and i found this code that solve my problem.

from django.views.decorators.csrf import csrf_exempt
from django.shortcuts import render
from django.contrib import auth

#in accounts.forms i've placed my login form with two fields, username and password
from accounts.forms import LoginForm

@csrf_exempt
def login(request):
   if request.method == "POST":
      form = LoginForm(request.POST)
      if form.is_valid():
         user = auth.authenticate(
                username=form.cleaned_data["username"],
                password=form.cleaned_data["password"])
                auth.login(request, user)
                return HttpResponseRedirect("/")
      else:
         form = LoginForm()

return render(request, 'accounts/login.html', {'form':form})
like image 34
CodeArtist Avatar answered Nov 10 '22 05:11

CodeArtist

Just add this line .

$.ajaxSetup({
    data: {csrfmiddlewaretoken: '{{ csrf_token }}' },
});
like image 2
Wahib Mzali Avatar answered Nov 10 '22 04:11

Wahib Mzali
Sign in to Comment

Related questions

How to pass variables with spaces through URL in :Django
Get required fields from Document in mongoengine?
Building OpenCV libraries from source files
Pointfree function combination in Python
Python: __str__, but for a class, not an instance?
Why are some mysql connections selecting old data the mysql database after a delete + insert?
how to using python to diff two html files
Running a linux command from python
Django Custom Save Model
Python max with same number of instances
Recursive Generators in Python
Update DynamoDB Atomic Counter with Python / Boto
Removing html image tags and everything in between from a string
How to prevent iterator getting exhausted?
numpy array of chars to string
Finding matching submatrices inside a matrix
if else branching in jinja2
Python Alternatives to Global Variables
Loop print through two lists to get two columns with fixed(custom set) space between the first letter of each element of each list
Installing PIP packages to a Virtualenv using a download cache

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!