0👍
For the CSRF
you get by default after user login aside with the session
, if you’re using SessionAuthentication
(It’s the default authentication used in DRF).
You have to send it with each request in the header, you can refer the this link to know more about the header sent, as it’s name is changed and can be configured.
Note also that in the settings you have to make sure that CSRF_COOKIE_HTTPONLY
is set to False (which is the default), to be able to read it from the client side JS.
Another path would be removing CSRF
enforcement per requests (But it’s highly not recommended for security concerns), you can find more about this in the answer here.
0👍
Use a Token-based authentification.
- [Vuejs]-Pass data from child component to parent component Vue js
- [Vuejs]-What is the use to define :class as an array and not as an object in Vue?
0👍
Same issue i was encountered with,
the problem was, i had used Class based view and at the time of registered the url i forget to mention as_view() with class Name.
ex:- class PostData(APIView)
before :- path('post_data', PostData)
after correction:- path('post_data', PostData.as_view())