Forbidden (403) CSRF verification failed. Request aborted. login page not working

Question

i was stuck while creating login page and getting error like "Forbidden (403) CSRF verification failed. Request aborted." please help me out of this

Views.py

from django.shortcuts import render, redirect
from django.contrib.auth.forms import UserCreationForm
from users.forms import UserRegisterForm

# Create your views here.
def register(request):
    if request.method=="POST":
        form=UserRegisterForm(request.POST)
        if form.is_valid():
            form.save()
            username=form.cleaned_data.get('username')
            messages.success(request, f"Account created for {username}")
            return redirect('app1-home')
    else:
        form=UserRegisterForm()
    return render(request, "users/register.html",{"form":form})

Urls.py

from django.contrib import admin
from django.urls import include, path
from users import views as user_views
from django.contrib.auth import views as auth_views
from app1 import views

urlpatterns = [
    path('admin/', admin.site.urls),
    path('', include('app1.urls')),
    path('register/', user_views.register, name='register'),
    path('login/', auth_views.LoginView.as_view(template_name='users/login.html'), name='login'),
    path('logout/', auth_views.LogoutView.as_view(template_name='users/logout.html'), name='logout'),

Forms.py

 from django import forms
    from django.contrib.auth.models import  User
    from django.contrib.auth.forms import UserCreationForm


    class UserRegisterForm(UserCreationForm):
        email=forms.EmailField()

        class Meta:
            model=User
            fields=["username", "email", "password1", "password2"]
**login.html**

{% extends "app1/base.html" %}
{% load crispy_forms_tags %}
{% load staticfiles %}
{% block content %}
    <div class="content-section">
        <form method="POST" >
          {% csrf_token %}

            <fieldset class="form-group">
                <legend class="border-bottom mb-4">Login</legend>
                {{ form|crispy }}
            </fieldset>
            <div class="form-group">
                <button class="btn btn-outline-info" type="submit">Login </button>
            </div>
        </form>
        <div class="border-top pt-3">
            <small class="text-muted">
                Sign Up Here? <a class="ml-2" href="{%url "register" %}">Sign Up</a>
            </small>
        </div>
    </div>
{% endblock content %}

In setings.py file, I used to write

REDIRECT_LOGIN_URL = 'app1-home'

I am creating a blog with logins and logouts and registration. up to registration I am succeed after login page it will not redirect to index page

Answer 1

You need to add below code snippet in your form, to enable csrf verification in the django forms, see here

Just like the below code :

<form>
    {% csrf_token %}
    <anything_else>
</form>

Also, you have to use RequestContext(request) everytime you use render_to_response :

return render_to_response("login.html",
    {"registration_id":registration_id},
    context_instance=RequestContext(request))

And you have to import authenticate and login both :

from django.contrib.auth import authenticate, login

I hope this helps...Thanks :)