Django Rest Framework - Why am I getting a CSRF cookie not set on only one URL when there is NO difference from the other forms

I have this URL for someone to rate an opportunity:

path("opportunities/rate/", RateOpportunity.as_view),

I am using a Vue application to make a post request and all the other forms on the site work fine and I can make the requests and post content but this specific endpoint gives me a CSRF cookie not set error. There is no difference between this form and the other forms.

This is the view I am using:

class RateOpportunity(generics.CreateAPIView):
    permission_classes = [permissions.IsAuthenticated]

    serializer_class = OpportunityRateSerializer

    name = "rate-opportunity"

    def get_queryset(self):
        id = self.kwargs["pk"]

        return Opportunity.objects.all().filter(opportunity=id)

Why am I getting this error only on this endpoint and not any one of the others?

first of all - you need to call method as_view in your path.

secondly. As I know CreateAPIView do not using get_queryset method at all, so you can remove it.

In your frontend framework when you send request to backend - do you add something like withCredentials = true;. idk I am not frontender.

But cookie is only browser feature, so make sure that cookie is setted

Back to Top