Django react axios nginx POST 403?

R

reqww2020-07-03 17:27:29

Django

reqww, 2020-07-03 17:27:29

Every time when adding, deleting and any post request, the server throws 403.
I tried it in different ways, nothing came up.
If you add the csrf_exempt decorator to the function, then everything works, but this, of course, does not suit me.

Regarding csrf in settings.py: There are currently no decorators in the function in views.py, like ensure_csrf_cookie, no React axios post request:
CSRF_COOKIE_NAME = 'csrftoken'

import axios from 'axios'
axios.defaults.xsrfHeaderName = 'X-CSRFToken';
axios.defaults.CookieName = 'csrftoken';
const addItemToBasket = async (item, amount = 1) => {
        const data = { uid: item.id, amount: amount, email: store.get('email') }
        const options = {
            method: 'POST',
            url: "http://localhost:8000/cart/add",
            data: qs.stringify(data)
        }
        await axios(options)
            .then((response) => {
                if (response.data !== 'added') {
                    store.set('email', response.data)
                }
                addItemToBasketSuccess(item, amount)
                setFlag()
            })
            .catch((error) => {
                console.log(error);
            });
    }

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

D

Dr. Bacon, 2020-07-03
@reqww

And now, on the case, where are you transferring this token to the server? Well, to check, in the developer tools, open this request and see if this token was passed in the request or in the header.