SPA AngularJS / Django REST中的非持久性身份验证cookie
[英]Non persistent Authentication cookie in a SPA AngularJS / Django REST
问题描述
I have been wrestling with this issue for several hours: I have a Single-Page Application written in Angular which communicates with a DjangoREST backend. 
我已经为这个问题努力了几个小时:我有一个用Angular编写的单页应用程序,它与DjangoREST后端通信。 I am trying to implement an auth fonction with session Cookies. 我正在尝试通过会话Cookie实现身份验证功能。 The way I see it is: 我的看法是:
1/ Show any unlogged visitor a login page 1 /向任何未登录的访客显示登录页面
2/ Make a POST to url/login with the credentials 2 /进行POST以使用凭据进行url /登录
3/ Obtain a "sessionid" cookie and writing in a service that the user is logged 3 /获取一个“ sessionid” cookie并写入用户已登录的服务
4/ Redirect vistor towards reserved content and used get & post to access contents with the cookie 4 /将访问者重定向到保留的内容,并使用get&post访问带有cookie的内容
The login endpoint is already set and works. 登录端点已设置并且可以使用。 When I make a post, I receive a HTTP 200 response with user info and a Set-Cookie, but subsequent calls do not contain the Cookie: 发布帖子时,我收到一个HTTP 200响应,其中包含用户信息和Set-Cookie,但后续调用中不包含Cookie:
Request URL: ... Request Method:POST Status Code:200 OK Request Headersview source Accept:application/json, text/plain, */* Accept-Encoding:gzip,deflate,sdch Accept-Language:fr-FR,fr;q=0.8,en-US;q=0.6,en;q=0.4 Connection:keep-alive Content-Length:38 Content-Type:application/x-www-form-urlencoded; charset=UTF-8 Host:devinify1.herokuapp.. Origin:http://mobilevinify.herokuapp... Referer:http://mobilevinify.herokuapp... User-Agent:Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36 Form Dataview sourceview URL encoded username:felix@vinify.co password:test Response Headersview source Access-Control-Allow-Origin:* Connection:keep-alive Content-Length:189 Content-Type:application/json Date:Sat, 14 Dec 2013 20:45:14 GMT Server:gunicorn/18.0 Set-Cookie:sessionid=ijz27zy655qn0cwmlnvr66609hsyvdub; expires=Sat, 28-Dec-2013 20:45:14 GMT; Max-Age=1209600; Path=/ Vary:Cookie
My code is a very simple adaptation of the angular-app example: https://github.com/FelixLC/MobileWebApp/blob/master/app/scripts/security/security.js 我的代码是对angular-app示例的非常简单的修改: https : //github.com/FelixLC/MobileWebApp/blob/master/app/scripts/security/security.js
I have tried this on localhost et on heroku. 我已经在localhost和heroku上尝试过这个。 The server and the client are on different domains, CORS are allowed. 服务器和客户端位于不同的域,允许使用CORS。 When I try to make calls, I receive an error from Django 尝试拨打电话时,我收到Django的错误消息
TypeError at /vinibarwines/ int() argument must be a string or a number, not 'AnonymousUser'
Should I try to get this cookie and put it in the headers with angularJS? 我是否应该尝试获取此cookie并将其放入angularJS的标题中?
You can try to login at http://mobilevinify.herokuapp.com/#/login with felix@vinify.co & test. 您可以尝试使用felix@vinify.co&test登录http://mobilevinify.herokuapp.com/#/login 。 Then Click on Vinibar, there is a 500 internal error on the GET request 然后单击Vinibar,GET请求上出现500内部错误
Any help much appreciated Felix 任何帮助,非常感谢Felix
1 个解决方案
解决方案1
0 已采纳 2013-12-14 22:05:36
Here is the full layout of how I actually do my authentication. 这是我实际进行身份验证的完整布局。 Django/Angular Authentication . Django /角度认证 。 It's a pretty extensive response, I'm more than happy to answer further questions you might have. 这是一个相当广泛的答复,我很乐意回答您可能还有的其他问题。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.