Django check CSRF token manually
问题 I am implementing an API that works either with an API key, or with a CSRF token. The goal is for it to be usable either by a web app (protected by CSRF) or by a third party application (protected by API key). Basically on each request (all via POST), I check if there is an API key. If there is a valid one, it's good to go. If not, I want to fall back to verifying CSRF. Is there a function I can call to verify the CSRF myself? The view itself is @csrf_exempt because API keys need to work. 回答1