I did add this but no change!!! Just keep getting that CSRF token error when trying to access admin!! Which is strange as the CSRF token is predominantly for POST methods.
# SECURITY WARNING: don't run with debug turned on in production! DEBUG = True ALLOWED_HOSTS = [] CSRF_TRUSTED_ORIGIN = ( 'https://8000-famouswelsh-djangosetup-7vkpsqt0kez.ws-eu90.gitpod.io/') # Application definition On Sunday, March 12, 2023 at 12:57:19 PM UTC Muhammad Juwaini Abdul Rahman wrote: > Have you tried my suggestion? > > On Sun, 12 Mar 2023 at 20:32, James Hunt <newbyp...@gmail.com> wrote: > >> I have literally set this up today just to prove that it happens for >> every Django project setup!!! >> >> So this is my settings : >> >> >> """ >> Django settings for DjangoTest project. >> >> Generated by 'django-admin startproject' using Django 4.1.7. >> >> For more information on this file, see >> https://docs.djangoproject.com/en/4.1/topics/settings/ >> >> For the full list of settings and their values, see >> https://docs.djangoproject.com/en/4.1/ref/settings/ >> """ >> >> from pathlib import Path >> >> # Build paths inside the project like this: BASE_DIR / 'subdir'. >> BASE_DIR = Path(__file__).resolve().parent.parent >> >> >> # Quick-start development settings - unsuitable for production >> # See https://docs.djangoproject.com/en/4.1/howto/deployment/checklist/ >> >> # SECURITY WARNING: keep the secret key used in production secret! >> SECRET_KEY = >> 'django-insecure-zb-=l4$q!2t@wjwt!@cp#rz=16v0l)#uai#7h(u4n8eie@ddt%' >> >> # SECURITY WARNING: don't run with debug turned on in production! >> DEBUG = True >> >> ALLOWED_HOSTS = [] >> >> >> # Application definition >> >> INSTALLED_APPS = [ >> 'django.contrib.admin', >> 'django.contrib.auth', >> 'django.contrib.contenttypes', >> 'django.contrib.sessions', >> 'django.contrib.messages', >> 'django.contrib.staticfiles', >> ] >> >> MIDDLEWARE = [ >> 'django.middleware.security.SecurityMiddleware', >> 'django.contrib.sessions.middleware.SessionMiddleware', >> 'django.middleware.common.CommonMiddleware', >> 'django.middleware.csrf.CsrfViewMiddleware', >> 'django.contrib.auth.middleware.AuthenticationMiddleware', >> 'django.contrib.messages.middleware.MessageMiddleware', >> 'django.middleware.clickjacking.XFrameOptionsMiddleware', >> ] >> >> ROOT_URLCONF = 'DjangoTest.urls' >> >> TEMPLATES = [ >> { >> 'BACKEND': 'django.template.backends.django.DjangoTemplates', >> 'DIRS': [], >> 'APP_DIRS': True, >> 'OPTIONS': { >> 'context_processors': [ >> 'django.template.context_processors.debug', >> 'django.template.context_processors.request', >> 'django.contrib.auth.context_processors.auth', >> 'django.contrib.messages.context_processors.messages', >> ], >> }, >> }, >> ] >> >> WSGI_APPLICATION = 'DjangoTest.wsgi.application' >> >> >> # Database >> # https://docs.djangoproject.com/en/4.1/ref/settings/#databases >> >> DATABASES = { >> 'default': { >> 'ENGINE': 'django.db.backends.sqlite3', >> 'NAME': BASE_DIR / 'db.sqlite3', >> } >> } >> >> >> # Password validation >> # >> https://docs.djangoproject.com/en/4.1/ref/settings/#auth-password-validators >> >> AUTH_PASSWORD_VALIDATORS = [ >> { >> 'NAME': >> 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator' >> , >> }, >> { >> 'NAME': >> 'django.contrib.auth.password_validation.MinimumLengthValidator', >> }, >> { >> 'NAME': >> 'django.contrib.auth.password_validation.CommonPasswordValidator', >> }, >> { >> 'NAME': >> 'django.contrib.auth.password_validation.NumericPasswordValidator', >> }, >> ] >> >> >> # Internationalization >> # https://docs.djangoproject.com/en/4.1/topics/i18n/ >> >> LANGUAGE_CODE = 'en-us' >> >> TIME_ZONE = 'UTC' >> >> USE_I18N = True >> >> USE_TZ = True >> >> >> # Static files (CSS, JavaScript, Images) >> # https://docs.djangoproject.com/en/4.1/howto/static-files/ >> >> STATIC_URL = 'static/' >> >> # Default primary key field type >> # https://docs.djangoproject.com/en/4.1/ref/settings/#default-auto-field >> >> DEFAULT_AUTO_FIELD = 'django.db.models.BigAutoField' >> >> >> On Sunday, March 12, 2023 at 9:46:04 AM UTC Muhammad Juwaini Abdul Rahman >> wrote: >> >>> I think you need to add the following in settings.py: >>> >>> CSRF_TRUSTED_ORIGIN = ('<your_web_url>') >>> >>> >>> >>> On Sun, 12 Mar 2023 at 02:04, James Hunt <newbyp...@gmail.com> wrote: >>> >>>> Hi there. I am fairly new to Django but have had previous success with >>>> creating an app and being able to access the Admin page. >>>> Recently, if I attempt to access the admin page of a new Django app it >>>> throws the CSRF error upon trying to log in!!! >>>> >>>> I have attempted several ways to bypass this error including adding >>>> allowed hosts but I cant seem to get past this issue. >>>> >>>> Can someone please provide me with the definitive way of stopping CSRF >>>> error when simply trying to access the admin part of Django? I mean there >>>> are no post functions that really apply to this feature so I cant >>>> understand the CSRF token. >>>> >>>> I cant get past this issue which means I can never access the admin >>>> page!! >>>> >>>> Please help. >>>> >>>> Regards >>>> >>>> James >>>> >>> -- >>>> >>> You received this message because you are subscribed to the Google >>>> Groups "Django users" group. >>>> To unsubscribe from this group and stop receiving emails from it, send >>>> an email to django-users...@googlegroups.com. >>>> To view this discussion on the web visit >>>> https://groups.google.com/d/msgid/django-users/e13c7765-831e-45c5-b091-c8fcfbed19c5n%40googlegroups.com >>>> >>>> <https://groups.google.com/d/msgid/django-users/e13c7765-831e-45c5-b091-c8fcfbed19c5n%40googlegroups.com?utm_medium=email&utm_source=footer> >>>> . >>>> >>> -- >> You received this message because you are subscribed to the Google Groups >> "Django users" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to django-users...@googlegroups.com. >> > To view this discussion on the web visit >> https://groups.google.com/d/msgid/django-users/28134e83-7155-44dc-8769-d59f18ad6083n%40googlegroups.com >> >> <https://groups.google.com/d/msgid/django-users/28134e83-7155-44dc-8769-d59f18ad6083n%40googlegroups.com?utm_medium=email&utm_source=footer> >> . >> > -- You received this message because you are subscribed to the Google Groups "Django users" group. To unsubscribe from this group and stop receiving emails from it, send an email to django-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/299ed32a-0982-4328-be35-c7318ef712b9n%40googlegroups.com.
