Hello Guys,
for my projects, i need to be able to use login_ajax from other subdomains which are not manage by django,
so for sure will gonna have issue with the CSRF token, but i were thinking by adding my others subdomains into CSRF_TRUSTED_ORIGINS but unfortunatly is not working, i still get 403 for now this only stuff i found is adding @csrf_exempt to the method login_user but is not very safe, do you have any idea to improve the security for this specific issue ?
Best