justquick
commented
2 years ago looks like you are using token auth with drf. token auth doesnt work well w/ csrf. you can subclass the view and use the @csrf_excempt decorator (with caution) or find another way around it
https://stackoverflow.com/questions/30871033/django-rest-framework-remove-csrf
I am developing a web and mobile application in which I use session authentication.
I would like to test all endpoints but some of them are protected by the @login_required and @csrf_exempt decorators.
For example when I try to do GET http://localhost:8000/activity/follow// the login form appears and after login an error appears about the csrf. Do you how I can solve this issue?