403 - CSRF token missing or incorrect

Question

Hello I hava a problem with Django, I have a this error:

CSRF token missing or incorrect.

and my code is:

 <h1>Registro de llamadas</h1>


    <form action="{% url 'registro:guardar' %}" method="post">
    {% csrf_token %}
    Duracion: <input type="text" name="duracion"  /> </br>
    Tipo de llamada: 
    <select name="tipo" form="carform">
      <option value="1">Local</option>
      <option value="2">Nacional</option>
      <option value="3">Internacional</option>
    </select>
</br>
<input type="submit" value="Grabar" />
</form>

{% if llamadas %}
    <ul>
    {% for ll in llamadas %}
        <li><a href="a">{{ ll.duracion }}</a></li>
    {% endfor %}
    </ul>
{% else %}
    <p>No tenemos ninguna llamada</p>
{% endif %}

and views.py I have:

from django.http import HttpResponse
from django.template import loader


def index(request):
    template = loader.get_template('registro/index.html')
    return HttpResponse(template.render(request))


def guardar(request):
    template = loader.get_template('registro/index.html')
    return HttpResponse(template.render(request))

Please some help, I searched other question but not solve my problem.

THanks!

Have you got `'django.middleware.csrf.CsrfViewMiddleware',` in your middleware settings? — markwalker_, Jun 09 '16 at 15:40

score 2 · Answer 1 · answered Jun 09 '16 at 15:41

For the CSRF token to work properly you need to include a RequestContext when you use your template.

To avoid the extra boilerplate this involves django comes with a shortcut function which adds this for you automatically when rendering a template. This is django.shortcuts.render.

To use this change your view to be.

from django.shortcuts import render

def guardar(request):
    return render(request, 'registro/index.html', {})

For more information this page of the Django docs is very useful.

score 1 · Answer 2 · answered Jun 09 '16 at 15:56

The problem is that request is the second argument to the template.render() method, but you are passing it as the first.

You can fix your views as follows:

def index(request):
    template = loader.get_template('registro/index.html')
    return HttpResponse(template.render(request=request))

def guardar(request):
    template = loader.get_template('registro/index.html')
    return HttpResponse(template.render(request=request))

As Simon suggests in his answer, it is easier to use the render shortcut instead of manually loading and rendering the template.

from django.shortcuts import render

def index(request):
    return render(request, 'registro/index.html', {})

def guardar(request):
    return render(request, 'registro/index.html', {})

Oztro · Accepted Answer · 2016-06-09T17:04:58.953

0

change your view.py:

from django.views.decorators.csrf import csrf_exempt
from django.shortcuts import render

@csrf_exempt
def guardar(request,username=None, errmsg=None):
    template = 'registro/index.html'
    ctx = {}
    render(request, template, ctx)

edited Jun 09 '16 at 17:04

answered Jun 09 '16 at 15:37

Oztro

86
1
12

no, nothing change – christian russo Jun 09 '16 at 15:38
I edited the view, try do it again – Oztro Jun 09 '16 at 15:50
2

Please don't recommend `render_to_response`, it has been obsoleted by `render` for years. – Alasdair Jun 09 '16 at 15:54
thanks I don't knew it – Oztro Jun 09 '16 at 16:03
The `render` shortcut takes the template name (e.g. 'registro/index.html'). – Alasdair Jun 09 '16 at 16:16

403 - CSRF token missing or incorrect

3 Answers3