Hi Matteius, I stumbled across the same problem.
I wanted to carry out a test case using CSRF, and I failed.
I managed to add the csrf_token to my post request, but
apparently this is not enough. Here I will show you the code,
perhaps you will have better luck then...
c = Client(enforce_csrf_checks=True)
response = c.get('/auction/add/') # get a fresh form
print(response.content) # just to have a look
csrf_token = response.context['csrf_token'] # get the token
print('the token is: %s' % csrf_token) # show me the token
# now, we add the token value to the key csrfmiddlewaretoken
# as this is where django CSRF will check it
post_data = {
'csrfmiddlewaretoken': csrf_token,
'item': 'test item',
'price': '154.78',
'end_date': '2011-08-05 19:30:00',
}
# now we can send the post
response = c.post('/auction/add/', post_data)
# now we test the assert
self.assertEqual(response.status_code, 200)
As I said, this still does not work, I get a 403: which refers
to an invalid CSRF token key. If you managed to overcome this
problem, please let us know. So far, I decided
not to use c = Client(enforce_csrf_checks=True) but this is not
a nice solution, is it?
Best!
-Andres
On Jun 10, 8:02 pm, Matteius <matte...@gmail.com> wrote:
> Yes I Have this in the setUp function which causes my POST request to
> get a 403 forbidden because I don't actually include the CSRF field in
> the context as the middleware does on a deployed version of the site.
> I need a function to call or something to get the CSRF context value,
> or a function that I can pass a context which will add it in the
> CSRF. Otherwise there is not much of a point to enable CSRF with the
> test client because you'll get 403 errors.
>
> -Matt
>
> On Jun 10, 1:46 am, Artemenko Alexander <sa...@svetlyak.ru> wrote:
>
>
>
>
>
>
>
> > Hi Matt,
>
> > Use:
>
> > from django.test import Client
> > csrf_client = Client(enforce_csrf_checks=True)
>
> >https://docs.djangoproject.com/en/dev/ref/contrib/csrf/#testing
>
> > 10.06.2011, 08:48, "Matteius" <matte...@gmail.com>:
>
> > > Greetings,
>
> > > I am writing unit tests for my application, and I want to leave CSRF
> > > checks enabled in testing. This means on my POST I am getting 403
> > > because I have not figured out how to add csrf to my context when
> > > using the test client. Please advise on how to most easily do this:
>
> > > # Issue a POST request.
> > > response = self.client.post('/student/open_enrollments/',
> > > {'course': 3})
> > > # Check that the response is 200 OK.
> > > self.assertEqual(response.status_code, 200)
> > > # Verify template is the expected one.
> > > self.assertTemplateUsed(response, 'student_portal/
> > > open_enrollments.html')
> > > # Check that the rendered context contains now 0 Courses.
> > > self.assertEqual(len(response.context['courses']), 0)
>
> > > --
> > > You received this message because you are subscribed to the Google Groups
> > > "Django users" group.
> > > To post to this group, send email to django-users@googlegroups.com.
> > > To unsubscribe from this group, send email to
> > > django-users+unsubscr...@googlegroups.com.
> > > For more options, visit this group
> > > athttp://groups.google.com/group/django-users?hl=en.
--
You received this message because you are subscribed to the Google Groups
"Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/django-users?hl=en.
