As I can put {% csrf_token %} to the forms that I generate in the Django admin, I have this problem about these forms and I do not know how to edit them because I have consulted and the solution is to put {% csrf_token %} in the forms.
The {% csrf_token %} goes in the templates (files .html), where is your form, it would be something like this:
<form action="" method="post">
<span>Inicia sesión!</span>
<input type="email" name="email" />
<input type="password" name="password" />
{% csrf_token %}
<input type="submit" value="Entrar" />
</form>
if you use the admin ... it puts it by default
for hand-made forms goes after the tag form
<form action="" method="post">{% csrf_token %}
<!--aqui los input-->
</form>
Please note that you have the middleware 'django.middleware.csrf.CsrfViewMiddleware' enabled in the settings.py
You could comment this line in the settings ' django.middleware.csrf.CsrfViewMiddleware ' file
however you make your application vulnerable to this attack, it is better to use something like this:
<pre>
<form action="/tupost/" method="post">{% csrf_token %}
<!--campos de formulario-->
</form>
</pre>