Skip to content

Error in Django 1.10.5 - previously working #41

New issue
New issue
Open
Open
Error in Django 1.10.5 - previously working#41
@tulpn

Description

@tulpn
tulpn
opened on Feb 11, 2017

Hi there,

I have been using the django-session-csrf successfully for quite some time. But recently I have received an error in my login page:

UserWarning: A {% csrf_token %} was used in a template, but the context did not provide the value.  This is usually caused by not using RequestContext.

I have the exact setup as described in the readme.

I am using a FBV for the login with the @anonymous_csrf decorator.

@anonymous_csrf
def login_solo(request):
    if request.user.is_authenticated():
        return redirect('/')

    context = {}
    if request.GET.get('next'):
        next_url = request.GET.get('next', "")
        context.update({'next': next_url})

    form = LoginForm(request.POST or None)
    if request.POST:
        if form.is_valid():
            email = form.cleaned_data['email']
            password = form.cleaned_data['password']
            if email and password:
                user = authenticate(email=email, password=password)
                if user is not None:
                    if user.has_fa_enabled():
                        request.session['user_id'] = user.id
                        return redirect(reverse("login_tfa"))
                    else:
                        login(request, user)
                        if user.language is not None:
                            set_user_language(request, user.language.lang_code)
                        render(request, 'login/login_success.html', context)
                else:
                    message = log_failed_login_attempt(request, email)
                    if message != "":
                        messages.error(request, message)

    context.update({'form': form})
    return render(request, 'login/login_solo.html', context)

When I successfully login I like to redirect, which did not work anymore, so my current test code is as above. The line

render(request, 'login/login_success.html', context)

Throws the error and I am presented with a CSRF Failure view.

In my template I am using

{% csrf_token %}

From my setttings.py:

TEMPLATES = [....
'OPTIONS': {
            'context_processors': [
                'django.contrib.auth.context_processors.auth',
                'django.template.context_processors.debug',
                'django.template.context_processors.request',
                'django.template.context_processors.i18n',
                'django.template.context_processors.media',
                'django.template.context_processors.static',
                'django.template.context_processors.tz',
                'django.contrib.messages.context_processors.messages',
                'session_csrf.context_processor',
...


MIDDLEWARE_CLASSES = (
    'django.contrib.sessions.middleware.SessionMiddleware',
    'django.middleware.locale.LocaleMiddleware',
    'django.middleware.common.CommonMiddleware',
    'django.contrib.auth.middleware.AuthenticationMiddleware',
    'session_csrf.CsrfMiddleware',
    'django.contrib.messages.middleware.MessageMiddleware',
....
...

I currently run the app via runserver on localhost and proxy via gunicorn.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions