django-rest-framework-docs icon indicating copy to clipboard operation
django-rest-framework-docs copied to clipboard
verified publisher icon manosim

Live API csrftoken problem

Open limdauto opened this issue 9 years ago • 1 comments

Hello again,

How has everyone solved the missing csrftoken problem with the liveapi feature? I had to hack the liveapi client to set the X-CSRFTOKEN header by reading from the cookie. I wonder if it's the library's responsibility to do that?

limdauto avatar Jul 11 '16 20:07 limdauto

Issue is still open, so it might help someone. I had similar issue when using both TokenAuthentication and SessionAuthentication backends. When user is logged in via regular django rest framework login form, django always will check for csrftoken. Trying to get authtoken without csrftoken then results in failure. Solution is to just log out, then csrftoken is not required, and you can work with api using just authtoken.

Xazzzi avatar Nov 22 '16 10:11 Xazzzi