0

I cannot log into the django admin page with valid username and password. I created
a superuser via the "python manage.py createsuperuser" command, then entered details asked, but then when I go to the django admin page and enter the details I created, it gives an error message "Forbidden 403 csrf missing or incorrect".

I tried to update my settings.py file by placing "django.middleware.csrf.CsrfViewMiddleWare" on top

MIDDLEWARE = [
    'django.middleware.csrf.CsrfViewMiddleware',
    'django.middleware.security.SecurityMiddleware',
    'django.contrib.sessions.middleware.SessionMiddleware',
    'django.middleware.common.CommonMiddleware',
    'django.contrib.auth.middleware.AuthenticationMiddleware',
    'django.contrib.messages.middleware.MessageMiddleware',
    'django.middleware.clickjacking.XFrameOptionsMiddleware',
]

but it still doesn't work. I am running my project on a localhost server and keeps on showing me this:

System check identified no issues (0 silenced).
March 13, 2019 - 11:38:30
Django version 2.1.7, using settings 'aps_site.settings'
Starting development server at http://127.0.0.1:8000/
Quit the server with CTRL-BREAK.
[13/Mar/2019 11:38:51] "GET / HTTP/1.1" 200 1944
[13/Mar/2019 11:38:51] "GET / HTTP/1.1" 200 1944
[13/Mar/2019 11:38:54] "GET /login/ HTTP/1.1" 200 2470
[13/Mar/2019 11:38:54] "GET /login/ HTTP/1.1" 200 2470
Forbidden (CSRF token missing or incorrect.): /login/
[13/Mar/2019 11:38:56] "POST /login/ HTTP/1.1" 403 2513
[13/Mar/2019 11:38:56] "GET /login/ HTTP/1.1" 200 2470

I again tried placing the {% csrf_token %} inside my form but still gives an error. Please assist and thank you in advance.

Eden_10
  • 1
  • 1
  • try refering to https://stackoverflow.com/questions/29573163/django-admin-login-suddenly-demanding-csrf-token to this question – shekhar Mar 13 '19 at 10:01
  • Are you sure you are going to the django admin page? I see you are hitting the `/login/` url instead of `/admin/` – Sammy J Mar 13 '19 at 10:02
  • @SammyJ Yes.Even if I go to the admin page and enter details that I created via the superuser command, I still get the error. So I tried making a form then using the {% csrf_token %} but still yields an error – Eden_10 Mar 13 '19 at 12:08

1 Answers1

0

Normally, to go the django admin page ( according to your development server url ) you must type http://127.0.0.1:8000/admin And then, you must see something like that in your url address bare : http://127.0.0.1:8000/admin/login?next=/admin/ You will be asked to enter your credentials.

Please check well the url before ! Hope it can help you.

Rvector
  • 2,312
  • 1
  • 8
  • 17