Hi Kean, First need to close the proper tags
I seen your code form tag is not closed properly. Once first form tag closed than write the code csrf token On Tue, 27 Aug, 2019, 7:30 PM Kean, <[email protected]> wrote: > Hi Ajeet, thanks for code, > however after i press submit i get the > > Forbidden (403) > CSRF verification failed. Request aborted. > Help > Reason given for failure: > > CSRF token missing or incorrect. > > > In general, this can occur when there is a genuine Cross Site Request > Forgery, or when Django's CSRF mechanism > <https://docs.djangoproject.com/en/2.2/ref/csrf/> has not been used > correctly. For POST forms, you need to ensure: > > - Your browser is accepting cookies. > - The view function passes a request to the template's render > > <https://docs.djangoproject.com/en/dev/topics/templates/#django.template.backends.base.Template.render> > method. > - In the template, there is a {% csrf_token %} template tag inside > each POST form that targets an internal URL. > - If you are not using CsrfViewMiddleware, then you must use > csrf_protect on any views that use the csrf_token template tag, as > well as those that accept the POST data. > - The form has a valid CSRF token. After logging in in another browser > tab or hitting the back button after a login, you may need to reload the > page with the form, because the token is rotated after a login. > > You're seeing the help section of this page because you have DEBUG = True in > your Django settings file. Change that to False, and only the initial > error message will be displayed. > You can customize this page using the CSRF_FAILURE_VIEW setting. > > my template is referencing csrf_token > > template.html > > <!DOCTYPE html> > <html> > <head> > <title>Customer</title> > </head> > <body> > <h8> "Customer register" </h8> > <div> > <div class = "container" > > <form method="POST" > {% csrf_token %} > {{ form.as_p }} > <input type="submit" /> > </form> > </div> > </div> > </body> > </html> > > > Am i doing something wrong? > > Best, > K > > On 25 Aug 2019, at 08:57, Ajeet Kumar Gupt <[email protected]> > wrote: > > Hi, > > Please use the below code. > > views.py > __________________ > > def user_register(request): > # if this is a POST request we need to process the form data > template = 'mymodule/register.html' > # template = 'index.html' > if request.method == 'POST': > # create a form instance and populate it with data from the request: > form = RegisterForm(request.POST) > # check whether it's valid: > if form.is_valid(): > if > User.objects.filter(username=form.cleaned_data['username']).exists(): > return render(request, template, { > 'form': form, > 'error_message': 'Username already exists.' > }) > elif > User.objects.filter(email=form.cleaned_data['email']).exists(): > return render(request, template, { > 'form': form, > 'error_message': 'Email already exists.' > }) > elif form.cleaned_data['password'] != > form.cleaned_data['password_repeat']: > return render(request, template, { > 'form': form, > 'error_message': 'Passwords do not match.' > }) > else: > # Create the user: > user = User.objects.create_user( > form.cleaned_data['username'], > form.cleaned_data['email'], > form.cleaned_data['password'] > ) > user.first_name = form.cleaned_data['first_name'] > user.last_name = form.cleaned_data['last_name'] > user.phone_number = form.cleaned_data['phone_number'] > user.save() > return redirect('/login/') > # Login the user > #login(request, user) > #def user_login(request): > # redirect to accounts page: > #return render(request, '/login.html') > # return HttpResponseRedirect(return, '/login.html') > # No post data availabe, let's just show the page. > else: > form = RegisterForm() > return render(request, template, {'form': form}) > > > On Sat, Aug 24, 2019 at 8:34 PM Kean <[email protected]> wrote: > >> Hi, >> >> New to Django. >> I've created a user registration form, the issue is it does not run >> validations or report errors with the data entered. It simply routes to the >> redirect url. >> Please can I ensure the user sees the correct error in a post case >> scenari for both a django form, and customsied django form. >> >> forms.py >> >> class UserRegisterForm(UserCreationForm): >> email = forms.EmailField() >> >> class Meta: >> model = User >> fields = 'username', 'email', 'password1', 'password2' >> >> Views.py >> >> def register(request): >> if request.method == 'POST': >> form = UserRegisterForm(request.POST) >> if form.is_valid(): >> form.save() >> username = form.cleaned_data.get('username') >> messages.success(request, f'Account created for {username}') >> return HttpResponseRedirect('cprofile') >> else: >> form = UserRegisterForm() >> context = {'form': form} >> return render(request, "register.html", context,) >> >> template.html >> >> <head> >> <title>Registration</title> >> </head> >> <body> >> <br> >> <div class = "container"> >> <form method = "POST"> >> {% csrf_token %} >> <fieldset class="form"> >> <legend class="border-bottom mb-2">Register</legend> >> {{ form|crispy }} >> {% if messages %} >> {% for messages in messages %} >> <div class="alert alert{{ message.tag }}"> >> {{ messages }} >> </div> >> {% endfor %} >> {% endif %} >> </fieldset> >> <br> >> <div class = "form"> >> <button class ="btn btn-outline-info" type="submit">Register</button> >> >> Any help would be much appreciated >> >> Best, >> >> K >> >> >> >> -- >> You received this message because you are subscribed to the Google Groups >> "Django users" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected]. >> To view this discussion on the web visit >> https://groups.google.com/d/msgid/django-users/5a003506-de8d-4587-863d-3fc26e4c45c1%40googlegroups.com >> <https://groups.google.com/d/msgid/django-users/5a003506-de8d-4587-863d-3fc26e4c45c1%40googlegroups.com?utm_medium=email&utm_source=footer> >> . >> > > > -- > > > > > > > *Thanks & Regards* > Ajeet Kumar Gupt > +91-9311232332 > > > -- You received this message because you are subscribed to the Google Groups "Django users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/CA%2BTqRsv-ys4ypYKQddEUF1EiH1Zvi7coMYegJ-_brqiQQFGVJg%40mail.gmail.com.
