1. 首页
  2. 问答
  3. CSRF令牌丢失或在Django

CSRF令牌丢失或在Django

2017-02-01 103 views
2

views.pyCSRF令牌丢失或在Django

from django.shortcuts import render 
from django.contrib.auth.decorators import login_required 
from django.http import HttpResponse 
import MySQLdb 
from django.shortcuts import render_to_response 
from django.shortcuts import HttpResponseRedirect 
from django.template.loader import get_template 
from django.template import Context, Template,RequestContext 
import datetime 
import hashlib 
from random import randint 
import random 
from django.views.decorators.csrf import csrf_protect, csrf_exempt 
from django.template.context_processors import csrf 
import requests 
from django.template import RequestContext 
from log.forms import * 

@csrf_protect 
def register(request): 
    if request.method == 'POST': 
     form = RegistrationForm(request.POST) 
     if form.is_valid(): 
      user = User.objects.create_user(
      username=form.cleaned_data['username'], 
      password=form.cleaned_data['password1'], 
      email=form.cleaned_data['email'] 
      ) 
      return HttpResponseRedirect('/register/success/') 
    else: 
     form = RegistrationForm() 
    variables = RequestContext(request, { 
    'form': form 
    }) 

    return render_to_response(
    'register.html', 
    variables, 
    ) 
    # return render(request,"recharge.html") 
def register_success(request): 
    return render_to_response(
    'registration/success.html', 
    ) 

base.html 

<form method="post" action="."> {% csrf_token %} 
     <table border="0"> 
       { form.as_table }} 
     </table> 
    <button type="submit" value="Register">Register</button> 
    <button type="button" onclick="window.location.href='/' ">Login</button> 
</form>

register.html

不正确

settings.py

TEMPLATES = [ 
    { 
     'BACKEND': 'django.template.backends.django.DjangoTemplates', 
     'DIRS': [os.path.join(BASE_DIR, 'templates')], 
     'APP_DIRS': True, 
     'OPTIONS': { 
      'context_processors': [ 
       'django.template.context_processors.debug', 
       'django.template.context_processors.request', 
       'django.contrib.auth.context_processors.auth', 
       'django.contrib.messages.context_processors.messages', 
      ], 
     }, 
    }, 
]

我的Django的版本:1.10.4

我怎样才能解决这个问题?

来源

2017-02-01 Venkatesh Panabaka

+0

是否可以发送检查或呈现HTML? –

+0

呈现的HTML意味着你想注册html吗? –

+0

是的请..所以我们可以帮你ü –

回答

5

呼叫render_to_response这样的:

from django.template import RequestContext 

@csrf_protect 
def register(request): 
    # ... 

    return render_to_response(
     'register.html', 
     {'form': form}, 
     RequestContext(request) 
    )

只是使用渲染快捷方法

@csrf_protect 
def register(request): 
    # ... 
    return render(request, 'register.html', {'form': form})

1.8 docs

渲染()是相同的,以一个呼叫render_to_response()与一个context_instance参数tha t强制使用RequestContext。

来源

2017-02-01 09:51:08 mislavcimpersak

+0

我们可以删除csrf_protect,因为默认情况下会为发布请求验证csrf_token。 – MicroPyramid

+0

我试过了,但它不适用于我 –

+0

您是否尝试过使用'render'方法,而不是'render_to_response'?我的答案的第2部分? – mislavcimpersak

相关问题

 相关问题