登录python CSRF

时间:2015-10-21 15:46:01

标签: python django forms

当我提交登录表单时,出现以下错误:

403 Forbidden Reason given for failure:CSRF token missing or incorrect.

这是我的代码

urls.py 

from datetime import datetime
from django.conf.urls import patterns, url
from django.conf.urls import include
from django.contrib import admin
from django.conf import settings
from app.models import *
from app.views import *

admin.autodiscover()
# Uncomment the next lines to enable the admin:

urlpatterns = patterns('',
    url(r'^tinymce/', include('tinymce.urls')),
    url('', include('django.contrib.auth.urls', namespace='auth')),
    url(r'^social/',include('social.apps.django_app.urls', namespace='social')),
    #url(r'^s$', 'app.views.CategoriaProductoss', name='servicios'),
    #url(r'^s/(?P<id>\d+)$', 'app.views.servicioscategoria', name='servicioscategoria'),
    url(r'^media/(?P<path>.*)$','django.views.static.serve', {'document_root':settings.MEDIA_ROOT,}),
    url(r'^$', 'app.views.index', name='Vulpini.co'),
    url(r'^login$', 'django.contrib.auth.views.login', name='Vulpini.co'),
    url(r'^$', 'django.contrib.auth.views.logout', name='logout'),
    url(r'start$', 'app.views.start', name="start"),
    url(r'ajax-upload$', 'app.views.import_uploader', name="my_ajax_upload"),

    # Uncomment the admin/doc line below to enable admin documentation:
     url(r'^admin/doc/', include('django.contrib.admindocs.urls')),

    # Uncomment the next line to enable the admin:
     url(r'^admin/', include(admin.site.urls)),
)

这是我的表格所在的模板:

的layout.html 

<form action="/login" class="form-horizontal" formmethod="post">
   {% csrf_token %}
   <h4>Iniciar Sesion.</h4>
   <hr />
   <div class="login-social">                     
      <a href="{% url 'social:begin' 'facebook' %}?next={{ request.path }}" target="iframe">Iniciar sesion con Facebook</a>           
      <a href="{% url 'social:begin' 'twitter' %}?next={{ request.path }}" target="iframe">Iniciar sesion con Twitter</a>
   </div>
   <hr />
   <div class="form-group">
     <label class="control-label" for="inputEmail">Usuario</label>
        <div class="controls">
           <input name="username" type="text" id="inputEmail" placeholder="Usuario"/>
        </div>
   </div>
   <div class="form-group">
     <label class="control-label" for="inputPassword">Contraseña</label>
        <div class="controls">
           <input name="password" type="password" id="inputPassword" placeholder="Contraseña"/>
        </div>
     </div>
   <div class="form-group">
     <label class="checkbox">
        <input type="checkbox" />Recordar</label>
           <button type="submit" class="btn btn-info" formmethod="post" formaction="/login">Ingresar</button>
            <a href="/">Registrar</a>
   </div>
</form>

为什么即使我在表单中包含{% csrf_token %},我也会遇到CSRF失败?

1 个答案:

答案 0 :(得分:2)

csrf令牌标记需要访问request对象。在您的情况下,最简单的方法是使用render快捷方式而不是render_to_response

from django.shortcuts import render

def index(request):
    notifi = Notificaciones.objects.all()
    return render(request, 'app/index.html', {'notifi': notifi})
相关问题
最新问题