CSRF verification failed: Django 1.5.0 -
i'm running basic django login app (i thought) based on official docs and...it's still not working no matter i'm doing, , i've been looking through every single question on stackoverflow , not finding answer. i'm running django.version 1.5.0.
every single thing add or code, still csrf verification failed error.
inside portal/views.py:
@cache_page(60 * 15) @csrf_protect def index(request, id=none): return render_to_response('undercovercoders/index.html', context_instance=requestcontext(request)) @cache_page(60 * 15) def login_user(request): if request.post: username = request.post.get['username'] password = request.post.get['password'] user = authenticate(username=username, password=password) if user not none: if user.is_active: login(request, user) state = "you're logged in!" else: state = "your account not active, please contact site admin." else: state = "your username and/or password incorrect." return render_to_response('undercovercoders/index.html', {'state':state, 'username':username}, context_instance=requestcontext(request)) inside portal/templates/index.html:
<div id="login-box"> {% if form.errors %} <p>your username , password didn't match! please try again!</p> {% endif %} {{ state }} <form class="login-widgets" action="/login/" method="post">{% csrf_token %} username : <input class="login-widgets-text" type="text" name="username" value="{{ username }}" /> {{ form.username }}<br /> password : <input type="password" name="password" value="{{ password }}" /> {{ form.password }}<br /> <input class="login-button" type="submit" value="login" /> <input type="hidden" name="next" value="{{ next }}" /> </form> in urls.py /login/ defined following
(r'^login/$', 'portal.views.login'), my settings.py following:
middleware_classes = ( 'django.middleware.common.commonmiddleware', 'django.contrib.sessions.middleware.sessionmiddleware', 'django.middleware.csrf.csrfviewmiddleware', 'django.contrib.auth.middleware.authenticationmiddleware', 'django.contrib.messages.middleware.messagemiddleware', # uncomment next line simple clickjacking protection: # 'django.middleware.clickjacking.xframeoptionsmiddleware', ) please help, i've been wrestling error evening.
edit: console returns me when added changed render :
/library/python/2.7/site-packages/django/template/defaulttags.py:59: userwarning: {% csrf_token %} used in template, context did not provide value. caused not using requestcontext. warnings.warn("a {% csrf_token %} used in template, context did not provide value. caused not using requestcontext.") [07/aug/2013 21:44:25] "get / http/1.1" 200 2881 [07/aug/2013 21:44:25] "get /static/css/screen.css http/1.1" 304 0 [07/aug/2013 21:44:29] "post /login/ http/1.1" 403 2282
in views
return render(request, 'template/index.html', {'state':state, 'username':username}, c) you should do
return render(request, 'template/index.html', {'state':state, 'username':username}) right passing c in place of context_instance argument forces use of requestcontext.
Comments
Post a Comment