Forbidden (403) CSRF verification failed. Request aborted

For those who are using Django==4.* or above, there must be an additional field in settings.py called CSRF_TRUSTED_ORIGINS=[] and add your domain here, Problem solved.

Check this latest release.


You need to add {% csrf_token %} in your form

https://docs.djangoproject.com/en/2.2/ref/csrf/

like that :

<form>
    {% csrf_token %}
    <anything_else>
</form>

Also, you have to use RequestContext(request) everytime you use render_to_response :

return render_to_response("login.html",
    {"registration_id":registration_id},
    context_instance=RequestContext(request))

And you have to import authenticate and login :

from django.contrib.auth import authenticate, login