禁止(403)CSRF验证失败。请求中止 [英] Forbidden (403) CSRF verification failed. Request aborted
问题描述
我正在制作一个登录表单的应用程序,但是当我运行我的应用程序并点击登录按钮时,将出现以下错误。
禁止(403)
CSRF验证失败。请求已中止。
view.py的代码为:
code> from django.template import loader
from django.shortcuts import render_to_response
from registration.models import注册
from django.http import HttpResponse
from django.template import RequestContext
from django.shortcuts import redirect
def view_login(request,registration_id):
t = loader.get_template('registration / login.html')
try:
registration = Registration.objects.get(pk = registration_id)
除了Registration.DoesNotExist:
返回render_to_response(login.html,{registration_id:registration_id})
def home(request,registration_id):
如果request.method ==POST:
username = request.POST.get('user_name')
password = request.POST.get('password')
user = authenticate(username = username,password = password)
如果用户不是N一个:
如果user.is_active:
登录(请求,用户)
#success
return render('registration / main_page.html',{'registration_id':registration_id} context_instance = RequestContext(user))
else:
#user不活动
返回重定向('q /',context_instance = RequestContext(user))
else:
#不是一个有效的用户
return redirect('q /',context_instance = RequestContext(user))
else:
#直接访问URL
return redirect('q / ',context_instance = RequestContext(user))
在您的表单中添加 {%csrf_token%}
https://docs.djangoproject.com/en/1.4/ref/contrib/csrf/
如下:
< form>
{%csrf_token%}
< anything_else>
< / form>
此外,您每次使用 render_to_response
:
返回render_to_response(login.html,
{registration_id:registration_id },
context_instance = RequestContext(request))
你必须导入验证和登录:
从django.contrib.auth导入验证,登录
I am making an app of login form but when I am running my app and click on login button the following error will occur
Forbidden (403) CSRF verification failed. Request aborted.
the code of view.py is as:
from django.template import loader
from django.shortcuts import render_to_response
from registration.models import Registration
from django.http import HttpResponse
from django.template import RequestContext
from django.shortcuts import redirect
def view_login(request,registration_id):
t = loader.get_template('registration/login.html')
try:
registration=Registration.objects.get(pk=registration_id)
except Registration.DoesNotExist:
return render_to_response("login.html",{"registration_id":registration_id})
def home(request,registration_id):
if request.method == "POST":
username = request.POST.get('user_name')
password = request.POST.get('password')
user = authenticate(username=username, password=password)
if user is not None:
if user.is_active:
login(request, user)
# success
return render('registration/main_page.html',{'registration_id':registration_id},context_instance=RequestContext(user))
else:
#user was not active
return redirect('q/',context_instance=RequestContext(user))
else:
# not a valid user
return redirect('q/',context_instance=RequestContext(user))
else:
# URL was accessed directly
return redirect('q/',context_instance=RequestContext(user))
You need to add {% csrf_token %}
in your form
https://docs.djangoproject.com/en/1.4/ref/contrib/csrf/
like that :
<form>
{% csrf_token %}
<anything_else>
</form>
Also, you have to use RequestContext(request) everytime you use render_to_response
:
return render_to_response("login.html",
{"registration_id":registration_id},
context_instance=RequestContext(request))
And you have to import authenticate and login :
from django.contrib.auth import authenticate, login
这篇关于禁止(403)CSRF验证失败。请求中止的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!