How to exempt CSRF Protection on direct_to_template

Question

I have a flow in my django application in which I redirect the user to another service (e.g. PayPal) which after some its own processing, returns the user back on my own ser

Answer 1

You can Use @csrf_exempt decorator to excempt csrf token for this you have to import

from django.views.decorators.csrf import csrf_exempt

then write @csrf_exempt before your view

this will work properly :)

Answer 2

You can use the csrf_exempt decorator to disable CSRF protection for a particular view.

Say your url pattern is:

('^my_page/$', direct_to_template, {'template': 'my_page.html'})

Add the following import to your urls.py:

from django.views.decorators.csrf import csrf_exempt

Then change the url pattern to:

('^my_page/$', csrf_exempt(direct_to_template), {'template': 'my_page.html'})