can you tell me How Can I do that? Is it necessary ton use csrf_exempt in APIView for login operation or signup operation?
On Fri, Jan 10, 2020 at 12:30 AM Riyasutheen A <riya3....@gmail.com> wrote: > Hi, > > Use postman interceptor extension in your browser to get correct csrf > token in postman as well. > > Thanks > > On Thu, 9 Jan, 2020, 11:49 PM Soumen Khatua, <soumenkhatua...@gmail.com> > wrote: > >> post method is working on browser but I'm getting the error in post man? >> >> On Thu, Jan 9, 2020 at 10:27 PM Integr@te System < >> datacentral...@gmail.com> wrote: >> >>> Hi Sounen, >>> >>> Inspect this link for which type and setting you like to work with. >>> >>> https://www.django-rest-framework.org/api-guide/authentication/#sessionauthentication >>> >>> Nice. >>> >>> >>> >>> >>> On Thu, Jan 9, 2020, 22:25 Soumen Khatua <soumenkhatua...@gmail.com> >>> wrote: >>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> *class LoginView(APIView): # permission_classes = (AllowAny,) def >>>> post(self, request, format=None): data = request.data email = >>>> data.get('email',None) password = data.get('password',None) >>>> phone_number = data.get('phone_number') if email is not None: >>>> if '@' in email: try: user_obj = >>>> User.objects.filter(email__iexact = email) if >>>> user_obj.exists() and user_obj.first().check_password(password): >>>> # user = UserLoginSerializer(user_obj) >>>> user = authenticate(email = email, password = password) >>>> login(request, user) return >>>> Response({"details":"login successfully"},status = status.HTTP_200_OK) >>>> return Response({"details":"Please signup first"},status = >>>> status.HTTP_404_NOT_FOUND) except User.DoesNotExist: >>>> return Response(status = status.HTTP_404_NOT_FOUND,deatils = >>>> "user not found") elif phone_number is not None: try: >>>> user_obj = User.objects.filter(phone_number__iexact = >>>> phone_number) if user_obj.exists() and >>>> user_obj.first().check_password(password): email = >>>> user_obj[0].email user = authenticate(email = email, >>>> password = password) login(request,user) >>>> return Response({"details":"login successfully"},status = >>>> status.HTTP_200_OK) except User.DoesNotExist: >>>> return Response({"deatils": "user not found"},status = >>>> status.HTTP_404_NOT_FOUND)* >>>> >>>> >>>> *On Thu, Jan 9, 2020 at 8:42 PM Suraj Thapa FC <surajthap...@gmail.com >>>> <surajthap...@gmail.com>> wrote:* >>>> >>>>> *Code...? * >>>>> >>>>> >>>>> *On Thu, 9 Jan 2020, 8:40 pm Soumen Khatua, <soumenkhatua...@gmail.com >>>>> <soumenkhatua...@gmail.com>> wrote:* >>>>> >>>>>> >>>>>> *Hi Folks,* >>>>>> >>>>>> *In django rest framework,I extend the LoginApiView(APIView) but when >>>>>> I'm passing username and password in browser it logn successfully but in >>>>>> post man I'm getting :* >>>>>> >>>>>> >>>>>> >>>>>> *{ "detail": "CSRF Failed: CSRF token missing or incorrect."}* >>>>>> >>>>>> *Do I need to use csrf_exempt inside APIView(post) request?* >>>>>> >>>>>> *If yes, then why it is working some times?* >>>>>> >>>>>> *Thank you in advance* >>>>>> >>>>>> *Regards,* >>>>>> *Soumen* >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> * -- You received this message because you are subscribed to the >>>>>> Google Groups "Django users" group. To unsubscribe from this group and >>>>>> stop >>>>>> receiving emails from it, send an email to >>>>>> django-users+unsubscr...@googlegroups.com >>>>>> <django-users+unsubscr...@googlegroups.com>. To view this discussion on >>>>>> the >>>>>> web visit >>>>>> https://groups.google.com/d/msgid/django-users/CAPUw6WZC3C9WVFwGskF8uYs3pqM0fQLe9MKsqgr4FvNzxzELmw%40mail.gmail.com >>>>>> <https://groups.google.com/d/msgid/django-users/CAPUw6WZC3C9WVFwGskF8uYs3pqM0fQLe9MKsqgr4FvNzxzELmw%40mail.gmail.com?utm_medium=email&utm_source=footer>. >>>>>> * >>>>> >>>>> >>>>> >>>>> >>>>> * -- You received this message because you are subscribed to the >>>>> Google Groups "Django users" group. To unsubscribe from this group and >>>>> stop >>>>> receiving emails from it, send an email to >>>>> django-users+unsubscr...@googlegroups.com >>>>> <django-users+unsubscr...@googlegroups.com>. To view this discussion on >>>>> the >>>>> web visit >>>>> https://groups.google.com/d/msgid/django-users/CAPjsHcEfamWnYiQbK914Y0SV2whkOXFthb3ZvOjBv2aw1-GL6A%40mail.gmail.com >>>>> <https://groups.google.com/d/msgid/django-users/CAPjsHcEfamWnYiQbK914Y0SV2whkOXFthb3ZvOjBv2aw1-GL6A%40mail.gmail.com?utm_medium=email&utm_source=footer>.* >>>>> >>>> -- >>>> You received this message because you are subscribed to the Google >>>> Groups "Django users" group. >>>> To unsubscribe from this group and stop receiving emails from it, send >>>> an email to django-users+unsubscr...@googlegroups.com. >>>> To view this discussion on the web visit >>>> https://groups.google.com/d/msgid/django-users/CAPUw6WZt0_TRLF-ZaFrqJvbcejuqaD_DVD4Z1%2B%3DpZhAwPzT1fA%40mail.gmail.com >>>> <https://groups.google.com/d/msgid/django-users/CAPUw6WZt0_TRLF-ZaFrqJvbcejuqaD_DVD4Z1%2B%3DpZhAwPzT1fA%40mail.gmail.com?utm_medium=email&utm_source=footer> >>>> . >>>> >>> -- >>> You received this message because you are subscribed to the Google >>> Groups "Django users" group. >>> To unsubscribe from this group and stop receiving emails from it, send >>> an email to django-users+unsubscr...@googlegroups.com. >>> To view this discussion on the web visit >>> https://groups.google.com/d/msgid/django-users/CAP5HUWrKP32KSfo8AM01zW0PWbgK51Fd%2B-uBaC1BKvauoDGKNA%40mail.gmail.com >>> <https://groups.google.com/d/msgid/django-users/CAP5HUWrKP32KSfo8AM01zW0PWbgK51Fd%2B-uBaC1BKvauoDGKNA%40mail.gmail.com?utm_medium=email&utm_source=footer> >>> . >>> >> -- >> You received this message because you are subscribed to the Google Groups >> "Django users" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to django-users+unsubscr...@googlegroups.com. >> To view this discussion on the web visit >> https://groups.google.com/d/msgid/django-users/CAPUw6WZRxF3qZV6__U8UCqJDz6o_nF5k0yOny3n0bnYQuFGRJQ%40mail.gmail.com >> <https://groups.google.com/d/msgid/django-users/CAPUw6WZRxF3qZV6__U8UCqJDz6o_nF5k0yOny3n0bnYQuFGRJQ%40mail.gmail.com?utm_medium=email&utm_source=footer> >> . >> > -- > You received this message because you are subscribed to the Google Groups > "Django users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to django-users+unsubscr...@googlegroups.com. > To view this discussion on the web visit > https://groups.google.com/d/msgid/django-users/CAN57Vood%2Bq7GAFVQkGYtuenojkLW-cOC_KtX47ttM4P5VtRn5g%40mail.gmail.com > <https://groups.google.com/d/msgid/django-users/CAN57Vood%2Bq7GAFVQkGYtuenojkLW-cOC_KtX47ttM4P5VtRn5g%40mail.gmail.com?utm_medium=email&utm_source=footer> > . > -- You received this message because you are subscribed to the Google Groups "Django users" group. To unsubscribe from this group and stop receiving emails from it, send an email to django-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/CAPUw6WYidnCj%3DPOL_U3A1ttNqZ%2BCWi89kX%2BHgFUbBatkciwijQ%40mail.gmail.com.
