I have a website whose frontend sends a request with a CSRF token, and I am storing it in the backend. I will use it to verify users and prefill the data in some fields like email and name, or even take him to a page where he left off. Is it the correct way to do it? This is for the user who is not registered. Tech stack is React with Redux and Django.
-
I think you'd be better off trying to use part of Django's session management for handling user authentication and sessions rather than the CSRF token. – schillingt May 21 '20 at 18:12
-
@schillingt Can you elaborate more? This is for the user who is not registered. – mohammed_ayaz May 22 '20 at 13:51
-
I'd force them to re-authenticate, then redirect them to where they left off. – schillingt May 22 '20 at 14:19