Django why i still got CSRF verification failed?

Question

my template is below:

  <div id="divLogin">
                {% block login %}
                <form action="/login" method="post">
                    {% csrf_token %}
                    <label for="id_name"></label><input type="text" name="email" id="id_name" placeholder="Your Email">
                    <label for="id_pass"></label><input type="password" name="password" placeholder="Your Password">
                    <input type="submit" id="btnLogin" value="Log In" class="btn">
                </form>
                {% endblock %}
            </div>

I have already add {% csrf_token %} in template, and my login view is

def login_view(request):
    if request.method == 'POST':
        useremail=request.POST['email']
        password=request.POST['password']
        try:
            user=User.objects.get(email=useremail)
            if user.check_password(password):
                uAuth=authenticate(username=user.username,password=password)
                login(request,uAuth)
                return render_to_response("blog.html",{'loginuser':user},context_instance=RequestContext(request))
        except User.DoesNotExist:
            return redirect('/')
    return redirect('/')

Even i used render_to_response and RequestContext i still got error. there is one thing very wired, i put a breakpoint to login_view method, but csrf error point out before it go into login_view methond. so there is no response about this method?

Is there anything wrong about my code?

I have add django.middleware.csrf.CsrfViewMiddleware in MIDDLEWARE_CLASSES in my settings.py.

@VictorCastilloTorres i can't get traceback, `CSRF verification failed` error shows before goes to Login_view method. @Rohan, what do you mean handle GET request? — Jack Zhang, Jul 27 '13 at 06:01

score 0 · Answer 1 · answered Jul 27 '13 at 05:33

You must use redirect after post.

Redirect to a view that renders your template.

def login_view(request):
    if request.method == 'POST':
        useremail=request.POST['email']
        password=request.POST['password']
        try:
            user=User.objects.get(email=useremail)
            if user.check_password(password):
                uAuth=authenticate(username=user.username,password=password)
                login(request,uAuth)
                return HttpResponseRedirect('/someurl')
        except User.DoesNotExist:
             return redirect('/')
    else:
        return render_to_response('login.html',context_instance=RequestContext(request))


def someurl(request):
    if request.method == 'GET':
         render_to_response("blog.html",    
               {'loginuser':user},context_instance=RequestContext(request))

I try you method, but it still doesn't work. it seems that login_view method never been executed, because i can't debug into that. i don't know what the problem is. — Jack Zhang, Jul 27 '13 at 06:11
how do you render the above template?can post the full view? — rjv, Jul 27 '13 at 06:20

Django why i still got CSRF verification failed?

1 Answers1