ensure csrf cookie for public and personalised views

payamnj · payamnj · commit e2d4898b9baa · 2026-03-05T10:43:29.000+04:00
diff --git a/django_email_learning/personalised/views.py b/django_email_learning/personalised/views.py
@@ -1,3 +1,5 @@
+from django.utils.decorators import method_decorator
+from django.views.decorators.csrf import ensure_csrf_cookie
 from django.views import View
 from django.views.generic.base import TemplateResponseMixin
 from django.http import HttpResponse
@@ -20,6 +22,7 @@
 import io
 
 
+@method_decorator(ensure_csrf_cookie, name="dispatch")
 class BaseTemplateView(View, TemplateResponseMixin):
     def error_response(
         self,
diff --git a/django_email_learning/public/views.py b/django_email_learning/public/views.py
@@ -1,4 +1,6 @@
 from django.views.generic import TemplateView
+from django.utils.decorators import method_decorator
+from django.views.decorators.csrf import ensure_csrf_cookie
 from django.db.models import Prefetch
 from django_email_learning.models import Organization, Course
 from django.utils.translation import get_language_info, get_language
@@ -12,6 +14,7 @@
 )
 
 
+@method_decorator(ensure_csrf_cookie, name="dispatch")
 class OrganizationView(TemplateView):
     template_name = "public/organization.html"
 
diff --git a/django_email_learning/templates/public/organization.html b/django_email_learning/templates/public/organization.html
@@ -1,6 +1,5 @@
 {% extends "public/base.html" %}
 {% load django_vite %}
-{% csrf_token %}
 {% block head_script %}
     {% vite_asset 'public/organization/Organization.jsx' %}
 {% endblock %}
