Django - No CSRF error for posts without token

I'm using Django to host a React application. I added the CSRF protection middleware in Django. I tried testing it by sending a http post with Postman, without the x-csrftoken in the header. To my surprise, I did not get a 403, but I was able to get data without the x-csrftoken. How is this possible? Below you find my CSRF settings. My additional Django settings are very straightforward and include CORS.

...
# Cross Origin Resource Sharing Protection
CORS_ALLOWED_ORIGINS = [
    'http://127.0.0.1:3000',
]
CORS_ORIGIN_ALLOW_ALL = False
CORS_ALLOW_CREDENTIALS = True
# Cross Site Request Forgery Protection
CSRF_TRUSTED_ORIGINS = []
MIDDLEWARE = [
    ...
    'django.middleware.csrf.CsrfViewMiddleware',
]

Solution

If you are using anything other than SessionAuthentication CSRF will be disabled. In the docs.

gobject/gnome/glib bindings for D using GIR?
How do nested functions get compiled?
The "this" pointer and message receiving in D
64-bit executables with DMD
GtkD with D lang on Fedora
Why Android used Java concept instead of D language or C or C++? But Chromium web browser is in C++, its very complicated match
How to use MongoItemWriter to write a List<T>
Why a function with protected modifier can be overridden and accessible every where?
Convert Unicode const(uint)* to a dlang character type
Compiling D with Code::Blocks
DMD vs. GDC vs. LDC
Rendering a font in raylib using freetype
Digital Mars D compiler; acquiring ASM output
D Programming: openssl rsa forward reference compiler error
D compiler DMD doesn't link object files
OPTLINK: Warning 23: No Stack
Is there a limit in the amount of temporary generated symbols during a project build using dmd 2.063?
Is this the right way to combine Garbage collected with none Garbage collected code in D
D compiler (Digital Mars D Compiler) throwing error
Which D Compiler to Use?
Splitting a string treating multiple whitespace as one separator
Proper way of passing array parameters to D functions
Detailed Valgrind internals documentation
Is it possible, in D, to tell the garbage collector to not scan a particular pointer (or anything below it)?
Iterate over key/value pairs in associative array in D.
Dlang associative array of an array of strings keyed by a string has unexpected behavior
How to repeat a statement N times (simple loop)
Is worth the effort to learn D?
ld: undefined reference to object I can see in objdump
D using emplace