stackoom
  简体   繁体   中英

Django CSRF cookie not set. Stuck

 原文  2017-10-14 14:00:04       python/ django/ cookies

Question

I'm learning how work Django and I've bought a book for this. I try to do a connection system with method="post" for the form. And when I submit there's CSRF cookie not set etc... I saw a lot of similar problems on the forum but still a bit stuck as I don't understand all the answer and I've not found something which worked excepted @csrf_exempt but I saw it was like disabling the things and it wasn't a good idea. Here's the code :

My html login.html page : 

<form action="." method="post">{% csrf_token %}
{% if error %}
<p class="error">{{ error }}</p>
{% endif %}
<p>
    <label for="email">E-mail :</label>
    <input name="email" id="email" size="30" type="email" />
</p>
<p>
    <label for="password">Password :</label>
    <input name="password" id="password" size="30" type="password" />
</p>
<p>
    <input type="submit" value="Log-in" />
    <a href="">Créer un compte</a>
</p>

My views.py : 

    from django.shortcuts import render_to_response
from datetime import datetime
from django.views.decorators.csrf import csrf_protect
from django.http.response import HttpResponseRedirect
# from django.http import HttpResponseRedirect

def welcome(request):
    return render_to_response('welcome.html',
                              {'curent_date_time' : datetime.now})


@csrf_protect
def login(request):
    if len(request.POST) > 0:
        if 'email' not in request.POST or 'password' not in request.POST:
            error = "Veuillez entrer un adresse mail et un mot de passe."
            return render_to_response('login.html', {'error': error})
        else:
            email = request.POST['email']
            password = request.POST['password']
            if password != 'sesame' or email != 'pierre@lxs.be':
                error = "Adresse de couriel ou mot de passe errone."
                return render_to_response('login.html', {'error': error})
            else:
                return HttpResponseRedirect('welcome/')
    else:
        return render_to_response('login.html')

I also can show my settings if needed. And a screen of the error messahe If it can help too.

PS : I know there's pretty much things already on this but I'm stuck and some personal help would be good for me to understand from where it comes.

1 answers

solution1
 2  2017-10-14 15:31:23

Your template tries to render {% csrf_token %} , but it can't do so without access to the request. To pass in the request to the template, replace render_to_response() with render() : 

@csrf_protect
def login(request):
    ...
    return render(request, 'login.html')

It's not recommended to use render_to_response() anymore:

This function preceded the introduction of render() and works similarly except that it doesn't make the request available in the response. It's not recommended and is likely to be deprecated in the future.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Django: Forbidden (CSRF cookie not set.) Forbidden (CSRF cookie not set.) Django django csrf token error - Forbidden (CSRF cookie not set.) Django: Forbidden (CSRF cookie not set.): for DELETE request Django “Forbidden (CSRF cookie not set.)” on localhost:8000 Forbidden (CSRF cookie not set.) in Django jQuery POST Forbidden (CSRF cookie not set.) with React and axios How to fix “Forbidden (CSRF cookie not set.)” Django + Okta + django_saml2_auth Forbidden (CSRF cookie not set.) 403 Django Forbidden (CSRF cookie not set.): / POST / HTTP/1.1" 403 2864 on Google Colab
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM