django ajax post csrf code example

Example 1: csrf_exempt

#first you need to import this
from django.views.decorators.csrf import csrf_exempt

#now use @csrf_exempt dacorator as follows

@csrf_exempt
def exampleview(request):
	pass
	#now this view will not require csrf_token to handle post requests

Example 2: csrf token django

Cross Site Request Forgery protection¶
The CSRF middleware and template tag provides easy-to-use protection against
Cross Site Request Forgeries. This type of attack occurs when a malicious
website contains a link, a form button or some JavaScript that is intended 
to perform some action on your website, using the credentials of a logged-in 
user who visits the malicious site in their browser. A related type of attack,
‘login CSRF’, where an attacking site tricks a user’s browser into logging into
a site with someone else’s credentials, is also covered.

The first defense against CSRF attacks is to ensure that GET requests
(and other ‘safe’ methods, as defined by RFC 7231#section-4.2.1) are
 side effect free. Requests via ‘unsafe’ methods, such as POST, PUT,
 and DELETE, can then be protected by following the steps below.