When you run the application and test the login, what do you see in the devtool's Network tab? Did you see if csrf_token is null? How about document.cookie? Is that also null? Is the document.cookie being passed to csrf_token in other ways?
Lots of ways to complete this in Angular/jQuery/Ajax or otherwise is presented in this document: https://docs.djangoproject.com/en/2.2/ref/csrf/ -- You received this message because you are subscribed to the Google Groups "Django users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/group/django-users. To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/38a443bb-26be-45e2-8707-f0f9bf6522ba%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
