CSRF Cookie Django/React

У меня проблема с CSRF-токеном в Django и React, и я не могу найти решение.

Проблема проявляется, когда я хочу обновить миниатюру товара

Это проблема:

Запрещено (CSRF cookie не установлен.): /admin/product/15/api/products/upload/ [23/May/2024 18:36:32] "POST /admin/product/15/api/products/upload/ HTTP/1.1" 403 2960

from rest_framework.response import Response
from rest_framework.decorators import api_view, permission_classes
from rest_framework.permissions import IsAdminUser

from base.models import Product
from base.serializers import ProductSerializer


@api_view(["GET"])
def get_products(request):
    products = Product.objects.all()
    serializer = ProductSerializer(products, many=True)
    return Response(serializer.data)


@api_view(["GET"])
def get_product(request, pk):
    product = Product.objects.get(id=pk)
    serializer = ProductSerializer(product, many=False)
    return Response(serializer.data)


@api_view(["POST"])
@permission_classes([IsAdminUser])
def create_product(request):
    user = request.user

    product = Product.objects.create(
        user=user,
        name="Sample Name",
        price=0,
        brand="Sample Brand",
        count_in_stock=0,
        category="Sample Category",
        description="",
    )

    serializer = ProductSerializer(product, many=False)
    return Response(serializer.data)


@api_view(["PUT"])
@permission_classes([IsAdminUser])
def update_product(request, pk):
    data = request.data
    product = Product.objects.get(id=pk)

    product.name = data["name"]
    product.price = data["price"]
    product.brand = data["brand"]
    product.count_in_stock = data["count_in_stock"]
    product.category = data["category"]
    product.description = data["description"]

    product.save()

    serializer = ProductSerializer(product, many=False)
    return Response(serializer.data)


@api_view(["DELETE"])
@permission_classes([IsAdminUser])
def delete_product(request, pk):
    product = Product.objects.get(id=pk)
    product.delete()
    return Response("Produkt został usunięty.")


@api_view(["POST"])
def upload_image(request):
    data = request.data

    product_id = data["product_id"]
    product = Product.objects.get(id=product_id)

    product.image = request.FILES.get("image")
    product.save()

    return Response("Obraz został załadowany")

Вернуться на верх

Последние вопросы и ответы

How to save OneToMany in Django Admin

Resize Tables with css

403 Forbidden POST Request when trying to log out using React front end with Axios and Django with rest-framework

How to handle prefixed UUIDs in Django Admin for querying and displaying objects?

Column 'tbl1.id' is not the same data type as referencing column 'tbl2.field_id' in foreign key 'tb1_field_id_tbl2_id'

Suggestion of Django "email queue" package for current versions? [closed]

Why do I have to create a new thread for updating a database record? (Django Rest Framework)

Django alterfield migration to textfield fails [duplicate]

django_apscheduler calls my job many times

How do I hot reload a Django reusable app? [duplicate]

CSRF Cookie Django/React

Последние вопросы и ответы

Рекомендуемые записи по теме