i am trying to do a login in django but i get this error, i check the CSRF documentation and nothing works for me.
Here is the HTML:
<body> <section class="container"> <div class="login"> <h1>Login to Web App</h1> {% if form.errors %} <p class="error">Lo sentimos, la combinacion de usuario y contrasena no es correcta!</p> {% endif %} <form action="/accounts/auth/" method="post"> {% csrf_token %} <input type='hidden' name='csrfmiddlewaretoken' value='randomchars'/> <p><input name="username" type="text" name="login" value="" placeholder="Username"></p> <p><input name="password" type="password" name="password" value="" placeholder="Password"></p> <p class="submit"><input type="submit" name="commit" value="Login"></p> </form> </div> </body>
Like you see above i use the {% csrf_token %} and i have ‘django.middleware.csrf.CsrfViewMiddleware’ in my installed apps.
And my views are:
from django.http import HttpResponse,HttpResponseRedirect from django.template.loader import get_template from django.template import Context from datetime import datetime from django.shortcuts import render_to_response from django.http import HttpResponseRedirect from django.contrib import auth from django.core.context_processors import csrf from models import * from django.shortcuts import get_object_or_404 from forms import * from django.template.context import RequestContext from django.contrib.auth.decorators import login_required from django.contrib.auth import authenticate, login def login(request): c = {} c.update(csrf(request)) return render_to_response('login.html', c) def auth_view(request): username = request.POST['username'] password = request.POST['password'] user = authenticate(username=username, password=password) if user is not None: auth.login(request.user) return HttpResponse('/accounts/loggedin') else: return HttpResponse('/accounts/invalid')
i redirect to an other HTML file where i dont use the {% csrf_token %}.