When you run the application and test the login, what do you see in the devtool's Network tab? Did you see if csrf_token is null? How about document.cookie? Is that also null? Is the document.cookie being passed to csrf_token in other ways?
Lots of ways to complete this in Angular/jQuery/Ajax or otherwise is presented in this document: https://docs.djangoproject.com/en/2.2/ref/csrf/ -- You received this message because you are subscribed to the Google Groups "Django users" group. To unsubscribe from this group and stop receiving emails from it, send an email to django-users+unsubscr...@googlegroups.com. To post to this group, send email to django-users@googlegroups.com. Visit this group at https://groups.google.com/group/django-users. To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/38a443bb-26be-45e2-8707-f0f9bf6522ba%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
