python - 注册表单不起作用（CSRF 令牌丢失或不正确。） django

问题描述

我正在尝试在管理界面中将用户添加到用户组的注册表单，但由于某种原因，注册表单没有保存在数据库中，而是给了我这个错误 Forbidden (403) CSRF 验证失败。请求中止。失败原因：CSRF 令牌丢失或不正确。 有人可以告诉我我在这里缺少什么吗？

装饰器.py

from django.http import HttpResponse
from django.shortcuts import redirect

def unauthenticated_user(view_func):
  def wrapper_func(request, *args, **kwargs):
    if request.user.is_authenticated:
      return redirect('index')
    else:
      return view_func(request, *args, **kwargs)
  return wrapper_func

def allowed_users(allowed_roles=[]):
    def decorator(view_func):
        def wrapper_func(request, *args, **kwargs):

            group = None
            if request.user.groups.exists():
                group = request.user.groups.all()[0].name

            if group in allowed_roles:
                return view_func(request, *args, **kwargs)
            else:
                return HttpResponse('You are not authorized to view this page')
        return wrapper_func
    return decorator

def admin_only(view_func):
    def wrapper_function(request, *args, **kwargs):
        group = None
        if request.user.groups.exists():
            group = request.user.groups.all()[0].name

        if group == 'user':
            return redirect('home')

        if group == 'admin':
            return view_func(request, *args, **kwargs)

    return wrapper_function

视图.py

@unauthenticated_user   
def sign_up(request):

    data = CreateUserForm()
    if request.method == 'POST':
        data = CreateUserForm(request.POST or None)
        if data.is_valid():
            user = data.save()
            username = data.cleaned_data.get('username')
            group = Group.objects.get(name='user')
            user.groups.add(group)

            messages.success(request, 'Account was created for ' + username)

            return redirect('login')
        

    context = {'info':data,}
    return render(request, 'signup.html', context)

@unauthenticated_user
def login_page(request):

    if request.method == 'POST':
        username = request.POST.get('username')
        password =request.POST.get('password')

        user = authenticate(request, username=username, password=password)

        if user is not None:
            login(request, user)
            return redirect('index')
        else:
            messages.info(request, 'Username OR password is incorrect')

    context = {}
    return render(request, 'signin.html', context)

标签： pythondjangodjango-viewsdjango-forms