[英]Django 403 Error while using POST method through Front end ( Angular Js )
views.py视图.py
class ExtendUserSession(MiddlewareMixin):
"""
Extend authenticated user's sessions so they don't have to log back in
next 15 minutes (set by Django's default `SESSION_COOKIE_AGE` setting).
"""
def process_request(self, request):
# Only extend the session for auth'd users
if request.user.is_authenticated:
reason = CsrfViewMiddleware('get_response').process_view(request, None, (), {})
if reason:
# process_view returns HTTPException
pass
else:
# process_view returns None - No error on HTTP request from CSRF middleware verification
request.session.set_expiry(86400)
settings.py设置.py
CORS_ORIGIN_WHITELIST = [
'http://localhost:8000', #I have changed the localhost as in my local ip. so 8000 is backend and 8080 is frontend port
'http://localhost:8080',
]
# A list of origins that are allowed to make cross-site HTTP requests to your Django application.
CSRF_TRUSTED_ORIGINS = [
'http://localhost:8000',
'http://localhost:8080',
]
CSRF_WHITELIST_ORIGINS = ['localhost:8000','localhost:8080']
# SESSION_ENGINE = 'django.contrib.sessions.backends.signed_cookies'
# SESSION_COOKIE_NAME='sessionid'
SESSION_COOKIE_PATH='/' #default /
# SESSION_COOKIE_SECURE=True#default False
SESSION_COOKIE_SECURE=False
# SESSION_COOKIE_DOMAIN='localhost:8080' #default None
SESSION_COOKIE_DOMAIN= None
SESSION_COOKIE_HTTPONLY=False # default is True
SESSION_EXPIRE_AT_BROWSER_CLOSE = False
SESSION_COOKIE_AGE = 86400
CSRF_COOKIE_NAME='X-CSRFToken'
CSRF_COOKIE_AGE=86400
CSRF_COOKIE_DOMAIN=None
CSRF_COOKIE_HTTPONLY=False
CSRF_COOKIE_PATH='/'
CSRF_COOKIE_SECURE=False
I'm able to get post method from POSTMAN for eg:我可以从 POSTMAN 获取 post 方法,例如:
But while trying through Front-end this is the error I'll be getting但是在尝试通过前端时,这是我会得到的错误
Is there any settings I have to change for making it accepting request through FrontEnd是否需要更改任何设置才能使其通过 FrontEnd 接受请求
Probable issue could be the front end is not sending the "sessionid" cookie which is used to verify authentication in back end.可能的问题可能是前端没有发送用于验证后端身份验证的“sessionid”cookie。 So backend redirects to login page as it does not see user as authenticated.
所以后端重定向到登录页面,因为它没有看到用户经过身份验证。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.