Use setting CSRF_FAILURE_VIEW to prevent user seeing 403 on CSRF failure, instead redirect them to the same page and display a warning (refs #5617)
This commit is contained in:
parent
28a158144a
commit
25ef99ffae
|
@ -135,6 +135,8 @@ AUTHENTICATION_BACKENDS = (
|
|||
)
|
||||
AUTHENTICATION_BACKENDS = plugins.register_plugins_authentication_backends(
|
||||
AUTHENTICATION_BACKENDS)
|
||||
CSRF_FAILURE_VIEW = 'authentic2.views.csrf_failure_view'
|
||||
|
||||
|
||||
LOGIN_REDIRECT_URL = '/'
|
||||
LOGIN_URL = '/login/'
|
||||
|
|
|
@ -472,3 +472,7 @@ class LoggedInView(View):
|
|||
return HttpResponse(content, content_type='application/json')
|
||||
|
||||
logged_in = never_cache(LoggedInView.as_view())
|
||||
|
||||
def csrf_failure_view(request, reason=""):
|
||||
messages.warning(request, _('The page is out of date, it was reloaded for you'))
|
||||
return HttpResponseRedirect(request.get_full_path())
|
||||
|
|
Loading…
Reference in New Issue