Django得到csrf错误

时间:2017-12-05 10:35:06

标签: django

我已经创建了一个注册表单,通常它可以工作,但有时它会给我csrf错误,在我回到注册页面后,它再次起作用:

Forbidden (403)
CSRF verification failed. Request aborted.

这是我所做的注册表格:

views.py 

def register(request):
    data = dict()
    if request.method == 'POST':
        form = RegistrationForm(request.POST)
        if form.is_valid():
            cd = form.cleaned_data
            email = cd['email']
            password = cd['password1']
            new_user = CustomUser.objects.create_user(
                email=email,
                password=password,
            )
            new_user.valid_email = False
            new_user.save()
            current_site = get_current_site(request)
            subject = 'Activate your account.'
            message = render_to_string('registration/account_activation_email.html', {
                'user': new_user,
                'domain': current_site.domain,
                'uid': urlsafe_base64_encode(force_bytes(new_user.pk)),
                'token': account_activation_token.make_token(new_user),
            })
            new_user.email_user(subject, message)
            return redirect('account:account_activation_sent')
    else:
        form = RegistrationForm()
    data['form'] = form
    return render(request, 'registration/register.html', data)

在register.html我正在使用{%csrf_token%}:

register.html 

<form method="POST" class="m-login__form m-form" action="">
    {% csrf_token %}
    {{ user_form.non_field_errors }}
    {{ user_form.email.errors }}
    <div class="form-group m-form__group">
        <input type="text" placeholder="E-mail*" name="email" autocomplete="off">
    </div>
    {{ user_form.password1.errors }}
    <div class="form-group m-form__group">
        <input type="password" placeholder="Parola*" name="password1">
    </div>
    {{ user_form.password2.errors }}
    <div class="form-group m-form__group">
        <input type="password" placeholder="Confirmati parola*" name="password2">
    </div>
    <div class="m-login__form-action">
        <button id="m_login_signup_submit" class="btn m-btn m-btn--pill m-btn--custom m-btn--air m-login__btn m-login__btn--primary">
            Sign Up
        </button>
    </div>
</form>

可能是什么问题?

1 个答案:

答案 0 :(得分:0)

当您使用csrf中间件时,您需要向您的API添加csrf权限,使用以下给定的装饰器为您的API,

from django.views.decorators.csrf import csrf_exempt


@csrf_exempt
def register(request):
data = dict()
if request.method == 'POST':
    form = RegistrationForm(request.POST)
    if form.is_valid():
        cd = form.cleaned_data
        email = cd['email']
        password = cd['password1']
        new_user = CustomUser.objects.create_user(
            email=email,
            password=password,
        )
        new_user.valid_email = False
        new_user.save()
        current_site = get_current_site(request)
        subject = 'Activate your account.'
        message = render_to_string('registration/account_activation_email.html', {
            'user': new_user,
            'domain': current_site.domain,
            'uid': urlsafe_base64_encode(force_bytes(new_user.pk)),
            'token': account_activation_token.make_token(new_user),
        })
        new_user.email_user(subject, message)
        return redirect('account:account_activation_sent')
else:
    form = RegistrationForm()
data['form'] = form
return render(request, 'registration/register.html', data)

希望,这将解决问题。

相关问题
最新问题