Declacre CSRF-Token in forms.py

Question

I'm using Djangos CSRF-Token the way it's mostly described on the internet:

MyFormPage.html

<form method="POST">  
        {% csrf_token %}  
        {{ form.as_p }}  
</form>

But I wonder - is there a way to include it somehow directly in the forms.py?

score 1 · Answer 1 · answered Sep 13 '19 at 11:17

1

I don't know if this is a good practice or not, but you can do something like:

from django.middleware import csrf

class SomeForm(forms.Form):
    csrfmiddlewaretoken = forms.CharField(widget=forms.HiddenInput(), initial=csrf._get_new_csrf_token())

The rendered input field will be:

<input type="hidden" name="csrfmiddlewaretoken" value="Hsw4uH5jbioQhaWrgAtGgEVp5GbnXIrayuvTqbbABaSxPbGJqksEIxVI4zJW8VVj" id="id_csrfmiddlewaretoken">

answered Sep 13 '19 at 11:17

Nalin Dobhal

2,292
2
10
20

Quite interesting it's possible to add it that way. Agree on your question - I'm not sure either if it's supposed to be done like that. – Qohelet Sep 13 '19 at 11:42
later I will check if a form can be submitted with this method. – Nalin Dobhal Sep 13 '19 at 11:53

Declacre CSRF-Token in forms.py

1 Answers1