eldarion-ajax | a library for adding declarative ajax functionality

I don't see how pinax-likes widget can actually work with the current code. It's broken. I see you opened an issue, if someone is still actively maintaining it they might fix it. Or you could fix it and propose a pull request.

There are two problems with the {% likes_widget %}:

1. It cannot work without ajax, because it's just an link, i.e. it will send a GET request to your view. But the view expects a POST request, which is logical, since liking makes a change to the database and so it should be a POST. Therefore, without ajax, the view throws a 405 error.

2. It uses eldarion-ajax to make the ajax POST request, but since again it's just a a.click event, it won't post any data, i.e. it doesn't post the CSRF token. The view won't allow the missing token (it doesn't have the @csrf_exempt decorator), so it throws a 403 error.

Now the only way I see around this is to write your own HTML and/or ajax and not use the likes_widget.

1. You can wrap the like button in a form and replace the like button with a that submits the form (instead of an tag). This way, you can include the {% csrf_token %} tag in the form and the post will work. This will refresh the page.

2. You can write your own ajax call to handle a click on the like button and post to the same view and include the csrftoken in the data posted.