Invalid CSRF token or invalid Django

I ran into this problem before and solved it, but it just showed up by accident (or so it seems). I just came back to my Django project after a little time away ... on login I forgot my internet username and it gave me the corresponding error message "Sorry, thats not a valid username or password". So to solve this problem, I created a new superuser (since I also forgot the admin username) so I could check what my internet username is. I did it successfully, but now when I try to log in, I get a CSRF error (is the username or password correct). I have no idea how this happened since it was checked correctly 10 seconds ago and I haven't changed a single line of code.

{% extends "base.html" %}

{% block content %}

    <title>{% block title %} | Login{% endblock %}</title>

    <h2>Login</h2>

    {% if form.errors %}
        <p class="error">Sorry, thats not a valid username or password</p>
    {% endif %}

    <form action="/accounts/auth/" method="POST">{% csrf_token %}
        <label for="username">Username: </label>
        <br>
        <input type="text" name="username" value="" id="username">
        <br><br>
        <label for="password">Password: </label>
        <br>
        <input type="password" name="password" value="" id="password">
        <br><br>
        <input type="submit" value="Login">
    </form>

{% endblock content %} 

      

+1




1 answer


For security purposes, the CSRF token changes ("rotates") upon login. If you open the page in Tab A, log in in Tab B, then try to submit the form in Tab A, you will get a CSRF error, as the CSRF token in Tab A is deprecated.



When you update Tab A, a new CSRF token is loaded and errors stop.

+4
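The two-tab situation from the answer above, as an added example that is not part of the original post and is not Django's own code: a simplified, standard-library model in which the CSRF secret lives in a cookie shared by both tabs and each rendered form carries a masked copy of it. The function names, the XOR masking and the 16-byte secret are assumptions made for illustration.

```python
import hmac
import secrets

def mask(secret: bytes) -> str:
    """Form token = random pad + (secret XOR pad); differs on every render."""
    pad = secrets.token_bytes(len(secret))
    return (pad + bytes(a ^ b for a, b in zip(secret, pad))).hex()

def unmask(token: str) -> bytes:
    """Recover the secret a form token was derived from."""
    raw = bytes.fromhex(token)
    pad, body = raw[: len(raw) // 2], raw[len(raw) // 2 :]
    return bytes(a ^ b for a, b in zip(body, pad))

def render_form(cookies: dict) -> str:
    """GET: issue a secret cookie on first visit, return the hidden form token."""
    secret = cookies.setdefault("csrftoken", secrets.token_bytes(16))
    return mask(secret)

def post(cookies: dict, form_token: str, is_login: bool = False) -> int:
    """POST: accept only if the form token unmasks to the current cookie secret."""
    secret = cookies.get("csrftoken")
    try:
        ok = secret is not None and hmac.compare_digest(unmask(form_token), secret)
    except ValueError:  # token is not valid hex
        ok = False
    if not ok:
        return 403
    if is_login:
        cookies["csrftoken"] = secrets.token_bytes(16)  # rotate on login
    return 200

def stale_tab_scenario() -> dict:
    cookies = {}                      # one cookie jar shared by both tabs
    tab_a = render_form(cookies)      # Tab A opens the login page
    tab_b = render_form(cookies)      # Tab B opens it too
    result = {"tokens_differ": tab_a != tab_b}
    result["tab_b_login"] = post(cookies, tab_b, is_login=True)
    result["tab_a_stale"] = post(cookies, tab_a, is_login=True)
    tab_a = render_form(cookies)      # reload Tab A: token for the new secret
    result["tab_a_reloaded"] = post(cookies, tab_a, is_login=True)
    return result

if __name__ == "__main__":
    print(stale_tab_scenario())
```

Before the login both tabs hold different token strings that are equally valid, because each unmasks to the same cookie secret; once the login in Tab B replaces that secret, Tab A's form is rejected until the page is reloaded.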

