在提供有效数据并提交表格后,我得到以下信息:Forbidden (CSRF cookie not set.): /membership/success/
。我的模板中有一个{% csrf_token %}
,并且我的settings.py中间件已配置为CSRF。
#urls.py
from django.contrib import admin
from django.urls import path, include
from membership import views as ms_views
membership_patterns = ([
path("", ms_views.RegistrationPage.as_view(), name="register"),
path("success/", ms_views.SuccessPage.as_view(), name="success")
], 'membership')
urlpatterns = [
path('admin/', admin.site.urls),
path('membership/', include(membership_patterns, namespace="new_members"))
]
# membership/views.py
from django.shortcuts import render
from django.template.loader import get_template
from django.views import View
from django.http import HttpResponse, HttpResponseRedirect
from membership.forms import RegisterForm
from django.urls import reverse
# Create your views here.
class RegistrationPage(View):
def get(self, request):
register_page = get_template('membership/signup.html')
register_form = RegisterForm()
return HttpResponse(register_page.render({'form' : register_form}))
def post(self, request):
submitted_form = RegisterForm(request.POST)
if submitted_form.is_valid():
return HttpResponseRedirect(reverse('membership:success'))
return HttpResponse(reverse('membership:register'))
class SuccessPage(View):
def get(self, request):
return HttpResponse("Success")
# signup.html
{% extends 'index.html' %}
{% block content %}
<form action="{% url 'membership:success' %}" method='post'>
{% csrf_token %}
{{ form.as_p }}
<button type="submit">Submit</button>
</form>
{% endblock %}
一旦表单提交并有效,我希望会出现302。就像我说的,尽管我被禁止了403。
答案 0 :(得分:0)
由于成功页面没有逻辑,因此您可以选择免除CSRF令牌。 导入以下模块
from django.views.decorators.csrf import csrf_exempt
并将@csrf_exempt放在函数开头
@csrf_exempt
def get(self, request):
return HttpResponse("Success")
请参阅https://docs.djangoproject.com/en/2.2/ref/csrf/
但是,最好为您使用的每个模板包括{%csrf_token%},以确保CSRF令牌的一致性传递