标签 csrf 下的文章

django setting
以下无效

REST_FRAMEWORK = {
    'DEFAULT_AUTHENTICATION_CLASSES': (
        'rest_framework.authentication.TokenAuthentication',
    )
}

正确用法
来自 https://blog.csdn.net/weixin_51098806/article/details/123674186#commentBox

MIDDLEWARE = [
    ...
    "projectname.utils.csrf_middleware.NotUseCsrfTokenMiddlewareMixin"
]

/project/project/utils

from django.utils.deprecation import MiddlewareMixin


class NotUseCsrfTokenMiddlewareMixin(MiddlewareMixin):

    def process_request(self, request):
        setattr(request, '_dont_enforce_csrf_checks', True)