1👍
✅
You forgot to send the csrf_token this is used for avoid Cross Site Request Forgery attacks, CSRF django docs You have 2 options to solve this problem:
The first one is the less secure and used, the second one dot 1 is which I recomend:
1.- Use csrf_exempt in your view:
from django.views.decorators.csrf import csrf_exempt
@csrf_exempt
def index(request):
#CODE#
2.- Send the csrf_token to django
2.1 In some place of your html put {%csrf_token%}
then in your javascript put
var data = {'brand': 1, 'csrfmiddlewaretoken': $("input[name='csrfmiddlewaretoken']").val()};
## ajax request
2.2 If you are doing the ajax request with the javascript into a script tag, I mean not in a .js file you can do this:
<script>
var data = {'brand': 1, 'csrfmiddlewaretoken': "{{csrf_token}}"};
</script>
Source:stackexchange.com