Can't submit a post request using Django rest framework (“detail”: “CSRF Failed: CSRF token missing or incorrect.”)
Question
I am into a weird situation I am login into site and try to submit form if I use permission_classes = [AllowAny] or isAuthenticate classes I get error CSRF Failed: CSRF token missing or incorrect
And in following scenario it gives a popup to enter password and user name . My full class is like
class AddReview(APIView):
serializer_class = ReviewSerializer
authentication_classes = (BasicAuthentication,)
def post(self, request):
rest = request.POST.get('restaurant')
dish = request.POST.get('dish')
And my settings.py is
REST_FRAMEWORK = {
'DEFAULT_PERMISSION_CLASSES': (
'rest_framework.permissions.IsAuthenticated',
),
'DEFAULT_AUTHENTICATION_CLASSES': (
'rest_framework_jwt.authentication.JSONWebTokenAuthentication',
'rest_framework.authentication.SessionAuthentication',
'rest_framework.authentication.BasicAuthentication',
),
}
I just want to submit a post custom form to submit data. Any help or suggestion to make question good would be highly appericiated.
Update
I am able to submit form by using this
class SessionAuthentication(SessionAuthentication):
def enforce_csrf(self, request):
return
But why I have to enforce it ? What I am doing wrong ?
1 answers
solution1
0 2019-09-16 20:09:19
Ideally, you website form should have a csrf token and that should also be sent to server. Maybe something like :
<form method="post">{% csrf_token %}</form>
- The CSRF middleware is activated by default in the
MIDDLEWAREsetting. - If you want to disable CSRF protection just a few views use
csrf_exempt()decorator
References
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.