Django Rest Viewset Error: "CSRF Failed: CSRF token missing or incorrect."

Question

I'm using Django Rest Framework. I have the standard API endpoints (/login, /logout, /registration...) and I can use them without any problems but when I want to create a new record I got this "Csrf token missing" error.

MIDDLEWARE = [
    'django.middleware.security.SecurityMiddleware',
    'django.contrib.sessions.middleware.SessionMiddleware',
    'corsheaders.middleware.CorsMiddleware',
    'django.middleware.common.CommonMiddleware',
    'django.contrib.auth.middleware.AuthenticationMiddleware',
    'django.contrib.messages.middleware.MessageMiddleware',
    'django.middleware.clickjacking.XFrameOptionsMiddleware',
]

if PRODUCTION:
    MIDDLEWARE += ['django.middleware.csrf.CsrfViewMiddleware']

these are my middleware and I'm in develop mode now so there is no CsrfViewMiddleware. I'm using ModelViewSets and ModelSerializers. I've tried using @csrf_exempt decorator but it didn't work, I had the same error. I want to use my code without having csrf token for development mode, do you guys have any idea what should I do?

`SessionAuthentication` checks the csrf. Are you using it in your authentication classes? — Brian Destura, Apr 12 '22 at 07:38
yes, but what should I use as an Authentication class instead of that? — Maryam Houshyari, Apr 12 '22 at 08:21
If you're using SessionAuthentication you'll need to include valid CSRF tokens for any POST, PUT, PATCH or DELETE operations. This might help: https://stackoverflow.com/a/30875830/11282077 — Siva Sankar, Apr 12 '22 at 12:31

Django Rest Viewset Error: "CSRF Failed: CSRF token missing or incorrect."

0 Answers0