I have a Django 1.6 app and I'm facing a problem with double submissions.
I could use the ideas spread all over here like: redirections, tokens, etc. (I got a JS prevention but I don't trust it) but after the submission I have to make another request to an API. The external API request takes let's say 20 seconds so there's plenty of time to play with the submit button.
The best solution I got right now is to save the CSRF (or any other unique token) in the DB and check if that token exists, if so 'kill' the request.
But that's the thing, can I kill the request? I can't respond with a 500, 404 because it's going to be delivered to the browser faster than the first/original request that does the API call.
Is there a way to kill/drop/pend a request with Django? Maybe this idea is crappy? Please share your knowledge.
I hope my English is understandable.