favs app | secure csrf_token option

[LiorA1]

In the favs app -
The views 'AddFavoriteView' and 'DeleteFavoriteView', use in the 'csrf_exempt' decorator, because we want to allow non-secure access, but I found a way to use csrf token for them.
As can you see here:
views.py: https://github.com/LiorA1/Django/blob/main/dj4e-samples/favs/views.py#L79
I Solved it, by adding 'csrf_token' in the 'list.html' template:
https://github.com/LiorA1/Django/blob/main/dj4e-samples/favs/templates/favs/list.html#L68

[csev]

Thanks. This is a great suggestion. I will be adding a new "up/down vote" sample code and will use this approach in that code right away. And then when I can re-record lectures I will move this into the favs code.