django csrf_token缺少错误

时间:2017-05-13 06:10:48

标签: python django django-csrf

当我尝试注册时,我收到错误:

  

禁止(403)   CSRF验证失败。请求中止。

我的代码:

@csrf_protect
def register(request):
    if request.method == 'POST':
        form = RegistrationForm(request.POST, request.FILES)
        if form.is_valid():
            first_name = form.cleaned_data.get("firstname")
            last_name = form.cleaned_data.get("lastname")
            username = form.cleaned_data.get("username")
            password = form.cleaned_data.get("password")
            user = User.objects.create_user(username=username,password=password)
            user.first_name = first_name
            user.last_name = last_name
            user.set_password(password)
            user.is_active = True
            user.save()
            return HttpResponseRedirect('/home/')
    else:
        form = RegistrationForm()
    return render_to_response('registration/registerHome.html',dict(form=form,
        context_instance=RequestContext(request) ) )

my form.py 

class RegistrationForm(forms.Form):
    """
    A registration form to create normal user.
    """
    firstname = forms.RegexField(regex=r'^\[a-zA-Z]+$',
        widget=forms.TextInput(attrs={ 'required':True,
            'max_length':30,
            'autocomplete':'off',
            'class':'form-control input-sm',
            'placeholder':'First Name' }),
        error_messages={ 'invalid': _("Only alphabets are allowed.") }
        )
    lastname = forms.RegexField(regex=r'^\[a-zA-Z]+$',
        widget=forms.TextInput(attrs={ 'required':True,
            'max_length':30,
            'autocomplete':'off',
            'class':'form-control input-sm',
            'placeholder':'Last Name' }),
        error_messages={ 'invalid': _("Only alphabets are allowed.") }
        )
    username = forms.RegexField(regex=r'^\w+$',
        widget=forms.TextInput(attrs={'required':True,
            'max_length':30,
            'autocomplete':'off',
            'class':'form-control input-sm',
            'placeholder':'username'}),
        error_messages={ 'invalid': _("Only [a-z A-Z 0-9 _] are allowed.") }
        )
    password = forms.CharField(widget=forms.PasswordInput(attrs={
            'required':True,
            'max_length':30,
            'autocomplete':'off',
            'class':'form-control input-sm',
            'placeholder':'password',
            'render_value':False })
            )

    def clean_username(self):
        try:
            user = User.objects.get(username__iexact=self.cleaned_data['username'])
        except User.DoesNotExist:
            return self.cleaned_data['username']
        raise forms.ValidationError(_("Username already exists."))

    class Meta:
        model = User

我的template.html 

<form action="." method="post" role="form" id="register-form">
                            {% csrf_token %}
                            {{ form.as_p }}
                            <input type="submit" value="submit" />
                        </form>

有人,请帮助我,为什么我收到错误。我试图解决这个问题1周仍然得到错误。请帮帮我。

4 个答案:

答案 0 :(得分:1)

您应该使用render并添加else

然后做

def register(request):
    if request.method == 'POST':
        form = RegistrationForm(request.POST, request.FILES)
        if form.is_valid():
            first_name = form.cleaned_data.get("firstname")
            last_name = form.cleaned_data.get("lastname")
            username = form.cleaned_data.get("username")
            password = form.cleaned_data.get("password")
            user = User.objects.create_user(username=username,password=password)
            user.first_name = first_name
            user.last_name = last_name
            user.set_password(password)
            user.is_active = True
            user.save()
            return HttpResponseRedirect('/home/')
        else:
            return render(request, 'registration/registerHome.html',dict(form=form)))
    else:
        form = RegistrationForm()
    return render(request, 'registration/registerHome.html',dict(form=form)))

答案 1 :(得分:0)

尝试这样的事情。我记得前一段时间我遇到了同样的问题并宣布c字典并将其传递给render_to_response解决了我的问题。

@csrf_protect
def register(request):
    if request.method == 'POST':
        # do your post stuff here
        pass
    else:
        c = {}
        c['form'] = RegistrationForm()
        c['context_instance'] = RequestContext(request)
        return render_to_response('registration/registerHome.html',c )

答案 2 :(得分:0)

尝试使用https://docs.djangoproject.com/en/1.11/topics/http/shortcuts/#render 

from django.shortcuts import render
@csrf_protect
def register(request):
    if request.method == 'POST':
        form = RegistrationForm(request.POST, request.FILES)
        if form.is_valid():
            first_name = form.cleaned_data.get("firstname")
            last_name = form.cleaned_data.get("lastname")
            username = form.cleaned_data.get("username")
            password = form.cleaned_data.get("password")
            user = User.objects.create_user(username=username,password=password)
            user.first_name = first_name
            user.last_name = last_name
            user.set_password(password)
            user.is_active = True
            user.save()
            return HttpResponseRedirect('/home/')
    else:
        form = RegistrationForm()
    return render(request, 'registration/registerHome.html',dict(form=form) ) )

答案 3 :(得分:0)

只要添加了csrf中间件,就不需要使用@csrf_protect装饰器。中间件为所有视图提供全面保护 - 添加装饰器是多余的。 Django文档建议在装饰器上使用中间件,因为它提供了更好的保护。

删除装饰器后尝试。

相关问题
最新问题