python - CSRF Error when accessing django API code using POSt -
i using django rest api.
here;s code:
@api_view(['post']) def user_login(request): profile = request.post if ('user_name' not in profile or 'email_address' not in profile or 'oauth_secret' not in profile): return response( {'error': 'no data'}, status=status.http_400_bad_request) username = 'l' + profile['user_name'] email_address = profile['email_address'] oauth_secret = profile['oauth_secret'] password = oauth_secret firstname = none if 'first_name' in profile: firstname = profile['first_name'] lastname = none if 'last_name' in profile: lastname = profile['last_name'] bio = none if 'bio' in profile: bio = profile['bio'] oauth_token = none if 'oauth_token' in profile: oauth_token = profile['oauth_token'] investor = none if 'investor' in profile: investor = profile['investor'] user_form = dict() user_form['username'] = username user_form['password1'] = password user_form['password2'] = password user_form['email'] = email_address user_form['first_name'] = firstname user_form['last_name'] = lastname photo = none noconnections = 0 if 'pictureurl' in profile: photo = profile['pictureurl'] if 'numconnections' in profile: noconnections = profile['numconnections'] try: user = user.objects.get(username=username) except user.doesnotexist: usercreate = usercreateform(user_form) if usercreate.is_valid(): usernamet = usercreate.clean_username() passwordt = usercreate.clean_password2() user = usercreate.save() userprofile = user.get_profile() p_form = dict() if bio: p_form['bio'] = bio if photo: p_form['photo_url'] = photo if noconnections: p_form['noconnections'] = noconnections if oauth_token: p_form['oauth_token'] = oauth_token if oauth_secret: p_form['oauth_secret'] = oauth_secret profileform = userprofileform(p_form, instance=userprofile) if profileform.is_valid(): profileform.save() user = authenticate(username=usernamet, password=passwordt) if user not none: login(request, user) else: return response( none, status=status.http_400_bad_request) else: return response( usercreate.errors, status=status.http_400_bad_request) # if investor: #send_mail( #'please complete startup profile', #'here message.', #'from@example.com', #list(email_address))
serializer = userwithinvestorserializer(user) return response(serializer.data) whenever send post section of code, following error: csrf failed: csrf cookie not set.
what can do?
did see documentation it? here !.
maybe forget write {% csrf_token %} after form html tag:
e.g. form documentation:
<form action="." method="post">{% csrf_token %} 
Comments
Post a Comment