did you call {% csrf_token %} in your template html file?
нед, 6. јан 2019. у 18:55 Pasquale <pasqui023@gmail.com> је написао/ла:
I have the following files:
#views.py
from django.views.generic.edit import FormView
from django.views.generic.base import TemplateView
from braces.views import AnonymousRequiredMixin, CsrfExemptMixin
#exempting from Csfr as the worst it can do is making lots of new users
class LogonView(CsrfExemptMixin, AnonymousRequiredMixin, FormView):
"the page to create a new user"
from .forms import LogonForm as form_class
template_name = "registration/logon.html"
from django.urls import reverse_lazy
authenticated_redirect_url = reverse_lazy("success")
success_url = authenticated_redirect_url
def form_valid(self, form):
u = form.save(commit=False)
u.set_password(form.cleaned_data["password"])
u.save()
from django.contrib.auth import login
login(self.request, u)
return super().form_valid(form)
class SuccessView(TemplateView):
template_name = "registration/success.html"
#forms.py
from django import forms as f
class LogonForm(f.ModelForm):
"The form to create a new user"
# repeat the password form
password2 = f.CharField(
label="Please repeat your password",
widget=f.PasswordInput,
)
class Meta:
from django.contrib.auth.models import User as model
fields = ("username", "email", "first_name", "last_name",
"password")
widgets = {"password": f.PasswordInput, }
def clean(self):
c = super().clean()
pwd = c.get("password")
if pwd and pwd == c.get("password2"):
return c
raise f.ValidationError(
"You need to repeat the passwords identically")
#urls.py
from django.urls import path, include
from .views import *
urlpatterns = [
path('', include('django.contrib.auth.urls')),
path("logon/", LogonView.as_view(), name="logon"),
path("success/",SuccessView.as_view(),name="success")
]
When I try to access /logon and fill the resulting form,it gives me a
403 CSFR error.
The weird thing is that the user is still created and the login is still
successful,
so if I tried to reload the page of the error it redirects me to the
/success page
--
You received this message because you are subscribed to the Google Groups "Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-users+unsubscribe@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at https://groups.google.com/group/django-users.
To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/eb166a71-2cff-f20a-4c20-57554ff2ddc5%40gmail.com.
For more options, visit https://groups.google.com/d/optout.
You received this message because you are subscribed to the Google Groups "Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-users+unsubscribe@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at https://groups.google.com/group/django-users.
To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/CAJ60hW2TW42-X7zMo3SkwFx%2Bd96%2BQKiJROinBXL54DAz-hViDw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.
No comments:
Post a Comment