CSRF with Django, React+Redux using Axios

Question

This is an educational project, not for production. I wasn\'t intending to have user logins as part of this.

Can I make POST calls to Django with a CSRF token withou

Answer 1

After spending too many hours researching, and implementing the above answer, I found my error for this problem! I have added this answer to be supplemental of the accepted answer. I had set up everything as mentioned, but the gotcha for me was actually in the browser itself!

If testing locally, make sure you are accessing react through 127.0.0.1 instead of localhost! localhost handles request headers differently and doesn't show the CSRF tokens in the header response, where as 127.0.0.1 will! So instead of localhost:3000 try 127.0.0.1:3000!

Hope this helps.