According to the docs you just need to add
{% csrf_token %}
to each form.
sorry for the noise.
On Dec 30, 5:15 pm, aaron <[email protected]> wrote:
> okay, so I added a url directing accounts/login requests to a view
> which in turn directs it to the login.html template suggested at
>
> http://docs.djangoproject.com/en/dev/topics/auth/
>
> Which is:
>
> {% extends "base.html" %}
> {% load url from future %}
>
> {% block content %}
>
> {% if form.errors %}
> <p>Your username and password didn't match. Please try again.</p>
> {% endif %}
>
> <form method="post" action="{% url 'django.contrib.auth.views.login'
> %}">
> {% csrf_token %}
> <table>
> <tr>
> <td>{{ form.username.label_tag }}</td>
> <td>{{ form.username }}</td>
> </tr>
> <tr>
> <td>{{ form.password.label_tag }}</td>
> <td>{{ form.password }}</td>
> </tr>
> </table>
>
> I've taken out the "base.html" stuff. When I now submit a user and
> login (even though I've not yet created a user) I expect to see {% if
> form.errors %}
> <p>Your username and password didn't match. Please try again.</p>
> {% endif %}
>
> However instead I get an error: CSRF verification failed. Request
> aborted.
>
> Any ideas?
--
You received this message because you are subscribed to the Google Groups
"Django users" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/django-users?hl=en.
