1. 首頁
  2. 問答
  3. 在Django ajax後csrf令牌失蹤請求工作使用獲取請求

在Django ajax後csrf令牌失蹤請求工作使用獲取請求

2016-09-07 83 views
0

我正在與metronic數據表,其中我有一個文件,其中ajax函數的工作。問題是,當我在ajax函數中使用類型「GET」時,它可以工作,但是在POST中它不起作用,並且它在控制檯中給CSRF令牌缺少錯誤,但是在GET的情況下它不會給出任何錯誤,我使用的是django框架我的網站和我的AJAX功能是: -在Django ajax後csrf令牌失蹤請求工作使用獲取請求

"ajax": { // define ajax settings 
    "url": document.URL, // ajax URL 
    "type": "POST", // request type 
    "timeout": 20000, 
    "data": function(data) { // add request parameters before submit 
     $.each(ajaxParams, function(key, value) { 
      data[key] = value; 
     }); 
     Metronic.blockUI({ 
      message: tableOptions.loadingMessage, 
      target: tableContainer, 
      overlayColor: 'none', 
      cenrerY: true, 
      boxed: true 
     }); 
    }, 
}

urls.py文件是:

from django.conf.urls import url 
from . import views 

urlpatterns = [ 
    url(r'^$', views.index, name='index'), 
    url(r'^logout$', views.logout, name='logout'), 
    url(r'^dashboard$', views.dashboard, name='dashboard'), 
    url(r'^profile$', views.profile, name='profile'), 
    url(r'^edit-profile$', views.edit_profile, name='edit-profile'), 
    url(r'^check-password$', views.check_password, name='check-password'), 
    url(r'^help$', views.faq_management, name='help'), 
    url(r'^testing$', views.testing_database, name='testing'), 
    url(r'^add-faq$', views.add_faq, name='add-faq') 
]

該功能相關的看法是:

from django.http import HttpResponse 
from django.shortcuts import render, redirect 
from django.core.exceptions import ObjectDoesNotExist 
from models import Admin, Help 
from django.contrib import messages 
from django.utils.html import escape 
from .forms import ImageUploadForm 
import json 
from datetime import datetime 

def faq_management(request): 
if 'admin_id' in request.session: 
    if request.method == 'GET': 
     if request.is_ajax(): 
      ajax_data = request.GET 
      if ajax_data['length'] !=-1 : 
       limit = ajax_data['length'] 
      else : 
       limit="all" 
      questions = Help.objects.all().filter().values('id','question','description','status','created','modified').order_by('-id') 
      datalist = [] 
      i=1; 
      for que in questions: 
       if(que['status']=='1'): 
        checked='on' 
       else: 
        checked='off' 
       actionValues='<a title="Edit" class="btn btn-sm green margin-top-10" href=""> <i class="fa fa-edit"></i></a>'; 
       inner_data_list = [ 
        i, 
        que['question'], 
        (que['description'][:150] + '..') if len(que['description']) > 150 else que['description'], 
        '<div id=%s class="bootstrap-switch bootstrap-switch-%s bootstrap-switch-wrapper bootstrap-switch-animate toogle_switch"><div class="bootstrap-switch-container" ><span class="bootstrap-switch-handle-on bootstrap-switch-primary">&nbsp;Active&nbsp;&nbsp;</span><label class="bootstrap-switch-label">&nbsp;</label><span class="bootstrap-switch-handle-off bootstrap-switch-default">&nbsp;Inactive&nbsp;</span></div></div>'%(que['id'],checked), 
        que['created'], 
        que['modified'], 
        actionValues 
       ] 
       datalist.append(inner_data_list) 
       i += 1 
      iTotalRecords=questions.count() 
      iDisplayLength = int(ajax_data['length']); 
      iDisplayStart = int(ajax_data['start']); 
      if iDisplayLength < 0 : 
       iDisplayLength = iTotalRecords 
      sEcho = int(ajax_data['draw']) 
      records = {} 
      records['data'] = {} 
      records['data'] = {} 
      records['data'] = datalist 
      records['customActionStatus'] = {} 
      records['customActionMessage'] = {} 
      records['draw'] = {} 
      records['recordsTotal'] = {} 
      records['recordsFiltered'] = {} 
      if request.GET.get('customActionType', '') == 'group_action': 
       records['customActionStatus'] = 'OK' 
       records['customActionMessage'] = 'Group action successfully has been completed. Well done!' 
      records["draw"] = sEcho 
      records["recordsTotal"] = iTotalRecords 
      records["recordsFiltered"] = iTotalRecords 
      return HttpResponse(json.dumps(records, default=json_serial)) 

     admin = Admin.objects.get(pk = request.session["admin_id"]) 
     return render(request, 'admin/faq-manage.py', { 
      'adminInfo': admin, 
     }) 
else: 
    messages.add_message(request, messages.ERROR, 'ERROR! Kindly login first.') 
    return redirect(index)

來源

2016-09-07 Pankaj

+0

告訴我你的'urls.py'和功能'views.py'相關阿賈克斯功能 – 6londe

+0

我已經有問題顯示視圖和文件 – Pankaj

回答

1

你沒有得到錯誤與GET,因爲只有POST請求需要CSRF令牌。

看看這個主題中的文檔 - https://docs.djangoproject.com/en/dev/ref/csrf/

來源

2016-09-08 09:43:40 4140tm

+0

是的,我知道,但是我必須運行它來發布請求,這就是爲什麼它給我錯誤的csrf令牌失蹤。 – Pankaj

+0

閱讀我發佈的鏈接。它解釋瞭如何通過ajax傳遞令牌。還有其他方法,但你會明白。 SO上的其他答案提供了不同的方法。 – 4140tm

相關問題

 相關問題