
Does not allow for a change of CSRF token name using CSRF_COOKIE_NAME #12

@michjnich

Description


https://docs.djangoproject.com/en/5.1/ref/settings/#csrf-cookie-name

If you change the default cookie name for CSRF, all attempts to lock fail with 403 because the JS is not taking the Django settings into account and simply hardcodes "csrftoken".

https://github.com/jonasundderwolf/django-admin-locking/blob/b8f21812b9fdfc9d621ebb62d7c38cd7a0b26da0/admin_locking/static/admin_locking/admin_locking.js#L3C1-L4C51

Solution (one solution anyway)

The admin template would need overriding to pass the token name in via <script> tags; this might have to be an instruction to the project to do themselves, rather than something in django-admin-locking. Something like this:

{{ settings.CSRF_COOKIE_NAME|json_script:"django-csrf-cookie-name" }}

The JS could then retrieve this and just fall back to the default if it's not there:

var nameEl = document.getElementById('django-csrf-cookie-name');
csrftoken = getCookie(nameEl ? JSON.parse(nameEl.textContent) : 'csrftoken');
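The proposal above worked through as an added example; this is not code from the issue or from django-admin-locking. It assumes the admin template renders `{{ settings.CSRF_COOKIE_NAME|json_script:"django-csrf-cookie-name" }}` with the element id proposed in the issue, and it uses a constructed stand-in for `document` so that the lookup and fallback can be exercised outside a browser.

```javascript
// Added example (not django-admin-locking code). Assumes the template emits
// <script id="django-csrf-cookie-name" type="application/json">"..."</script>
// via Django's json_script filter.
const DEFAULT_CSRF_COOKIE_NAME = 'csrftoken';

// Resolve the cookie name from the json_script element, falling back to the
// Django default. JSON.parse undoes json_script's \u003C-style escaping, which
// is why json_script is preferred over interpolating the setting raw into JS.
function resolveCsrfCookieName(doc) {
  const el = doc.getElementById('django-csrf-cookie-name');
  if (!el) return DEFAULT_CSRF_COOKIE_NAME;
  try {
    const name = JSON.parse(el.textContent);
    return typeof name === 'string' && name ? name : DEFAULT_CSRF_COOKIE_NAME;
  } catch (e) {
    return DEFAULT_CSRF_COOKIE_NAME; // malformed payload: do not trust it
  }
}

// Read one cookie by exact name from a document.cookie string.
function getCookie(cookieString, name) {
  if (!cookieString) return null;
  for (const part of cookieString.split(';')) {
    const cookie = part.trim();
    if (cookie.startsWith(name + '=')) {
      return decodeURIComponent(cookie.substring(name.length + 1));
    }
  }
  return null;
}

// What the locking JS would call instead of hardcoding 'csrftoken'.
function getCsrfToken(doc) {
  return getCookie(doc.cookie, resolveCsrfCookieName(doc));
}

// Constructed stand-in for a DOM document (cookie string plus the optional
// json_script element) so the example runs without a browser.
function fakeDocument(cookie, jsonScriptText) {
  return {
    cookie,
    getElementById(id) {
      if (id === 'django-csrf-cookie-name' && jsonScriptText !== undefined) {
        return { textContent: jsonScriptText };
      }
      return null;
    },
  };
}
```

In a real page the call is simply `getCsrfToken(document)`; the fallback keeps projects that never override the template on the stock `csrftoken` name.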
