1๐
You are manually adding the CSRF token to the context, but you are only doing it after the POST. The whole point of a CSRF token is that it is set by the GET, and checked on POST. Since you are not setting it on GET, the POST will fail.
However you should not be setting it manually at all. Django will do it for you, as long as you use a RequestContext. And the way to do that is to use the render shortcut, passing it the request, rather than the old render_to_response.
Remove the call to csrf(request) and replace your last line with:
return render(request, 'authen/auth.html', dic)
0๐
In your view.py add RequestContext(request) to render_to_response:
return render_to_response('authen/auth.html',dic, context_instance = RequestContext(request))
0๐
I was receiving the Forbidden (403), CSRF cookie not set. error. I thought it had something to do with ios.
I fixed this by adding an "s" to the end of http, FROM: http://MYAPPNAME.herokuapp.com/ TO: https://MYAPPNAME.herokuapp.com/
In
# settings.py
SESSION_COOKIE_SECURE = True
- Return user id django
- How to make django server public in rasb?
- Error to execute djangocms -f -p . mysite
- Why django not able to extend project level template?
- Django response for angular $http not rendered as angularjs elements