Mike Kilmer
unread,Jun 17, 2022, 11:48:22 AM6/17/22Sign in to reply to author
Sign in to forward
You do not have permission to delete messages in this group
Sign in to report message
Either email addresses are anonymous for this group or you need the view member email addresses permission to view the original message
to django...@googlegroups.com, chris angelico, Jean Wainer
Hi.
I'm fairly new to Django. Here's what I need insight on:
Local server, no issue.
On production: CSRF 403 error on login.
There's a cookie loaded on the login page containing csrftoken: pAFeeUI8YFXZ2PKRYxOTX1qz4Xgto42WVNi7FFvBlZDqcFLwQ2rdQvVeZBHFSpLW
(Local and Session storage are empty)
In the FORM element:
<input type="hidden" name="csrfmiddlewaretoken" value="Vz4FiujD4qkLpxCwWNJU0HCWs4u0Qf4RrMHyJf66rK0cznDbOimeTb7BnIVckANR">
Notice they don't match.
I tried running ./migrate.py clearsessions.
Once, yesterday, it seemed that the error did not occur in an Incognito Window, but today it persists even in an incognito window, as well as a different browser.
One additional piece of information, I have allauth installed, but it doesn't seem to be correctly configured. It's login page is not loading.
Additionally, the problem was there even when I removed allauth from Apps and Authentication Backends.
Thanks much.
–Mike