1π
β
I think itβs working as it should, you may have just missed one important note on Tasty Pie docs
It requires that the user has logged in & has an active session.
They also must have a valid CSRF token.
You need to pass a valid CSRF token for SessionAuthentication to work.
Here is an example:
First setup a function to send a csrftoken with every ajax request
function csrfSafeMethod(method) {
// these HTTP methods do not require CSRF protection
return (/^(GET|HEAD|OPTIONS|TRACE)$/.test(method));
}
Then on your ajax setup:
$.ajaxSetup({
crossDomain: false, // obviates need for sameOrigin test
beforeSend: function(xhr, settings) {
if (!csrfSafeMethod(settings.type)) {
xhr.setRequestHeader("X-CSRFToken", $.cookie('csrftoken'));
}
}
});
Last in your template donβt forget to include the {% csrf_token %} tag!
π€Glyn Jackson
Source:stackexchange.com