CSRF令牌在角度2中丢失或不正确2 + DJango 1.10.6

Question

我正在使用Angular 2和Django 1.10.6。我创建了一个post方法。在从前端发送请求之后，显示CSRF令牌丢失或不正确。

user.html 
<form #f="ngForm" (ngSubmit)="createUser(f.value, f.valid,f)" novalidate> 
.... 
</form> 

Angular2组件

createUser(model: User, isValid: boolean, f: any) { 
    // check if model is valid 
    // if valid, call API to save customer 
    if (isValid) { 
     this.userCreateService.createUser(model).subscribe(
      res => { 
       this.success = "User Create Success"; 
       this.user = new User(); 
       this.errorMsg=null 
      }, 
      err => { 
       this.errorMsg = err; 
       this.success=null; 
      }); 

    } 
} 

这是我Angular2服务

 @Injectable() 
export class UserCreateService { 

    constructor(private http: Http) { } 

    // private instance variable to hold base url 
    private userCreateUrl = '/api/user/users/'; 

    // Add a new User 
    createUser(body: Object): Observable<User> { 
    let bodyString = JSON.stringify(body); // Stringify payload 
    let headers = new Headers({ 'Content-Type': 'application/json' }); // ... Set content type to JSON 
    let options = new RequestOptions({ headers: headers }); // Create a request option 

    return this.http.post(this.userCreateUrl, body, options) // ...using post request 
     .map(this.extractData) // ...and calling .json() on the response to return data 
     .catch(this.handleError); //...errors if any 
    } 

Answer 1

问问题的几个片刻之后，我已经解决了我这个样子。 在角度2服务中创建方法。

getCookie(name) { 
    let value = "; " + document.cookie; 
    let parts = value.split("; " + name + "="); 
    if (parts.length == 2) 
     return parts.pop().split(";").shift(); 
    } 

而更换

let headers = new Headers({ 
     'Content-Type': 'application/json'}); // .Set content type to JSON 

到

let headers = new Headers({ 
     'Content-Type': 'application/json', 
     'X-CSRFToken': this.getCookie('csrftoken') 
    }); // ... Set content type to JSON 

中的createUser

（）角服务方法。