Python Django --CSRF 令牌丢失或不正确
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/12731305/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Django --CSRF token missing or incorrect
提问by daabears
So I am getting Forbidden (403) CSRF verification failed. Request aborted. Reason given for failure: CSRF token missing or incorrect.
I have the 'django.middleware.csrf.CsrfViewMiddleware', in my middleware_classes.
Here is my template
所以我收到 Forbidden (403) CSRF 验证失败。请求中止。失败原因:CSRF 令牌丢失或不正确。
我的中间件类中有“django.middleware.csrf.CsrfViewMiddleware”。这是我的模板
<form name="input" action="/login/" method="Post"> {% csrf_token %}
<input type="submit" value="Submit"></form>
Here is my view
这是我的观点
from django.shortcuts import render_to_response
from django.core.context_processors import csrf
from django.template import RequestContext
def login(request):
csrfContext = RequestContext(request)
return render_to_response('foo.html', csrfContext)
Well I am new to Django and most web development, but I cannot seem to find the problem here. Any help would be much appreciated!
好吧,我是 Django 和大多数 Web 开发的新手,但我似乎无法在这里找到问题。任何帮助将非常感激!
Also i have tried the method in the django documentation
我也尝试过 django 文档中的方法
c = {}
c.update(csrf(request))
# ... view code here
return render_to_response("a_template.html", c)
采纳答案by Nathan Villaescusa
Try adding the @csrf_protect decorator just before your login function.
尝试在登录功能之前添加 @csrf_protect 装饰器。
from django.views.decorators.csrf import csrf_protect
@csrf_protect
def login(request):
csrfContext = RequestContext(request)
return render_to_response('foo.html', csrfContext)
If the form is not in foo.html then you need to add the @csrf_protect method to the view function that is generating it.
如果表单不在 foo.html 中,那么您需要将 @csrf_protect 方法添加到生成它的视图函数中。
回答by miki725
You should do the following:
您应该执行以下操作:
def login(request):
context = {}
request_context = RequestContext(request)
return render_to_response('foo.html', context,
request_context=request_context)
Here are official docsfor render_to_response.
下面是官方的文档进行render_to_response。
回答by CodeArtist
I had the same problem with you and i found this code that solve my problem.
我和你有同样的问题,我发现这段代码可以解决我的问题。
from django.views.decorators.csrf import csrf_exempt
from django.shortcuts import render
from django.contrib import auth
#in accounts.forms i've placed my login form with two fields, username and password
from accounts.forms import LoginForm
@csrf_exempt
def login(request):
if request.method == "POST":
form = LoginForm(request.POST)
if form.is_valid():
user = auth.authenticate(
username=form.cleaned_data["username"],
password=form.cleaned_data["password"])
auth.login(request, user)
return HttpResponseRedirect("/")
else:
form = LoginForm()
return render(request, 'accounts/login.html', {'form':form})
回答by Tory
Just add this in your HTML:
只需将其添加到您的 HTML 中:
{% csrf_token %}
