Hello I am using Django Rest Framework along with Swagger. I am getting this error upon POST request.
{
"detail": "CSRF Failed: CSRF token missing or incorrect."
}
This is quite strange considering the POST request contains
"X-CSRFToken: 01658Gyfzlhz2v6zgoZjtbHSrWzrVTBrlseyp2JMfVHvh6PzfamHpgxuh4eaVXad"
This is the complete request
curl -X POST "http://127.0.0.1:8000/api/order-post/" -H "accept: application/json" -H "Content-Type: application/x-www-form-urlencoded" -H "X-CSRFToken: 01658Gyfzlhz2v6zgoZjtbHSrWzrVTBrlseyp2JMfVHvh6PzfamHpgxuh4eaVXad" -d "customer_name=Muhammad%20Ahsan%20Mukhtar&country=Pakistan&address=Cb%20679%20Kashmir%20Colony%20Gujranwala%20Cantt&email=ahsan44411%40gamil.com&postal_code=52250&country_code=4343&phone_number=243434&tracking_number=4343"
I have even tried using csrf_exempt but that does not help either, I get the same error.
@method_decorator(csrf_exempt, name="dispatch")
class OrderPost(generics.ListCreateAPIView):
queryset = Order.objects.all()
serializer_class = OrderSerializer
I am using the default settings for Django Rest Framework which is SessionAuthentication I believe.
I've been stuck on this for hours without luck, any help will be appreciated. Thank you.
We had a similar issue. It turns out the SessionAuthentication in the DEFAULT_AUTHENTICATION_CLASS was causing the issue. Try removing or commenting that line.
REST_FRAMEWORK = {
'DEFAULT_SCHEMA_CLASS': 'rest_framework.schemas.coreapi.AutoSchema',
'DEFAULT_PERMISSION_CLASSES': [
'rest_framework.permissions.IsAuthenticated',
],
'DEFAULT_AUTHENTICATION_CLASSES': [
'oauth2_provider.contrib.rest_framework.OAuth2Authentication'
# 'rest_framework.authentication.SessionAuthentication',
],
'DEFAULT_PARSER_CLASSES': [
'rest_framework.parsers.FormParser',
'rest_framework.parsers.MultiPartParser',
'rest_framework.parsers.JSONParser',
],
'DEFAULT_RENDERER_CLASSES': [
'rest_framework.renderers.JSONRenderer',
],
}
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.