Intermittent 403 response from django.contrib.auth.views.login()

Question

Using django.contrib.auth.views.login() to process user logins I\'m seeing 403 responses in a production environment. A second attempt to login succeeds after an initial 403 (wh

Answer 1

The CSRF token is rotated after login.

If you open the login page in one tab, login using a second tab, then you'll get a CSRF error if you submit the form on the original tab.