did you call {% csrf_token %} in your template html file?
нед, 6. јан 2019. у 18:55 Pasquale <pasqui...@gmail.com> је написао/ла:
> I have the following files:
>
> #views.py
> from django.views.generic.edit import FormView
> from django.views.generic.base import TemplateView
> from braces.views import AnonymousRequiredMixin, CsrfExemptMixin
>
>
> #exempting from Csfr as the worst it can do is making lots of new users
> class LogonView(CsrfExemptMixin, AnonymousRequiredMixin, FormView):
> "the page to create a new user"
>
> from .forms import LogonForm as form_class
> template_name = "registration/logon.html"
> from django.urls import reverse_lazy
> authenticated_redirect_url = reverse_lazy("success")
> success_url = authenticated_redirect_url
>
> def form_valid(self, form):
> u = form.save(commit=False)
> u.set_password(form.cleaned_data["password"])
> u.save()
> from django.contrib.auth import login
> login(self.request, u)
> return super().form_valid(form)
>
>
> class SuccessView(TemplateView):
> template_name = "registration/success.html"
>
>
>
>
> #forms.py
> from django import forms as f
>
>
> class LogonForm(f.ModelForm):
> "The form to create a new user"
>
> # repeat the password form
> password2 = f.CharField(
> label="Please repeat your password",
> widget=f.PasswordInput,
> )
>
> class Meta:
> from django.contrib.auth.models import User as model
> fields = ("username", "email", "first_name", "last_name",
> "password")
> widgets = {"password": f.PasswordInput, }
>
> def clean(self):
> c = super().clean()
> pwd = c.get("password")
> if pwd and pwd == c.get("password2"):
> return c
> raise f.ValidationError(
>
> "You need to repeat the passwords identically")
>
>
>
> #urls.py
> from django.urls import path, include
> from .views import *
>
> urlpatterns = [
> path('', include('django.contrib.auth.urls')),
> path("logon/", LogonView.as_view(), name="logon"),
> path("success/",SuccessView.as_view(),name="success")
> ]
>
>
>
>
> When I try to access /logon and fill the resulting form,it gives me a
> 403 CSFR error.
> The weird thing is that the user is still created and the login is still
> successful,
> so if I tried to reload the page of the error it redirects me to the
> /success page
>
> --
> You received this message because you are subscribed to the Google Groups
> "Django users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to django-users+unsubscr...@googlegroups.com.
> To post to this group, send email to django-users@googlegroups.com.
> Visit this group at https://groups.google.com/group/django-users.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/django-users/eb166a71-2cff-f20a-4c20-57554ff2ddc5%40gmail.com
> .
> For more options, visit https://groups.google.com/d/optout.
>
--
You received this message because you are subscribed to the Google Groups
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to django-users+unsubscr...@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at https://groups.google.com/group/django-users.
To view this discussion on the web visit
https://groups.google.com/d/msgid/django-users/CAJ60hW2TW42-X7zMo3SkwFx%2Bd96%2BQKiJROinBXL54DAz-hViDw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.
