
Non persistent Authentication cookie in a SPA AngularJS / Django REST

I have been wrestling with this issue for several hours: I have a Single-Page Application written in Angular which communicates with a Django REST backend. I am trying to implement an auth function with session cookies. The way I see it is:

1/ Show any unlogged visitor a login page

2/ Make a POST to url/login with the credentials

3/ Obtain a "sessionid" cookie and write in a service that the user is logged in

4/ Redirect the visitor towards reserved content and use GET & POST to access contents with the cookie

The login endpoint is already set and works. When I make a POST, I receive an HTTP 200 response with user info and a Set-Cookie, but subsequent calls do not contain the Cookie:

Request URL: ...
Request Method:POST
Status Code:200 OK
Request Headers
Accept:application/json, text/plain, */*
Accept-Encoding:gzip,deflate,sdch
Accept-Language:fr-FR,fr;q=0.8,en-US;q=0.6,en;q=0.4
Connection:keep-alive
Content-Length:38
Content-Type:application/x-www-form-urlencoded; charset=UTF-8
Host:devinify1.herokuapp..
Origin:http://mobilevinify.herokuapp...
Referer:http://mobilevinify.herokuapp...
User-Agent:Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36
Form Data
username:felix@vinify.co
password:test
Response Headers
Access-Control-Allow-Origin:*
Connection:keep-alive
Content-Length:189
Content-Type:application/json
Date:Sat, 14 Dec 2013 20:45:14 GMT
Server:gunicorn/18.0
Set-Cookie:sessionid=ijz27zy655qn0cwmlnvr66609hsyvdub; expires=Sat, 28-Dec-2013 20:45:14 GMT; Max-Age=1209600; Path=/
Vary:Cookie

My code is a very simple adaptation of the angular-app example: https://github.com/FelixLC/MobileWebApp/blob/master/app/scripts/security/security.js

I have tried this on localhost and on Heroku. The server and the client are on different domains, CORS is allowed. When I try to make calls, I receive an error from Django:

TypeError at /vinibarwines/
int() argument must be a string or a number, not 'AnonymousUser'

Should I try to get this cookie and put it in the headers with angularJS?

You can try to log in at http://mobilevinify.herokuapp.com/#/login with felix@vinify.co & test. Then click on Vinibar; there is a 500 internal error on the GET request.

Any help much appreciated, Felix

Here is the full layout of how I actually do my authentication: Django/Angular Authentication. It's a pretty extensive response, and I'm more than happy to answer further questions you might have.
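
The response captured in the question carries `Access-Control-Allow-Origin:*` on a cross-domain login. As an added example (not part of the original post or the linked answer), this checker applies the browser's rules for credentialed cross-origin XHR, plus basic session-cookie flags, to such a response. The host names and the session id are placeholders, and it assumes the SPA and the API are on different sites.

```javascript
// Added example, not code from the question or the linked answer.
// Constructed sample input modelled on the capture in the question.
const QUESTION_RESPONSE = {
  'Access-Control-Allow-Origin': '*',
  'Set-Cookie': 'sessionid=PLACEHOLDER; expires=Sat, 28-Dec-2013 20:45:14 GMT; Max-Age=1209600; Path=/',
};

// Returns the reasons a session cookie will not be stored or sent, and the
// cookie flags a defender would want set. An empty array means no findings.
function auditCredentialedCors({ pageOrigin, requestUrl, withCredentials, responseHeaders }) {
  const h = {};
  for (const [k, v] of Object.entries(responseHeaders)) h[k.toLowerCase()] = v;
  const findings = [];
  const origin = new URL(pageOrigin).origin;
  // Same-origin XHR stores and sends cookies by default: nothing to check.
  if (new URL(requestUrl).origin === origin) return findings;

  // Without withCredentials the browser ignores Set-Cookie on the response
  // and attaches no cookies to later cross-origin requests.
  if (!withCredentials) findings.push('xhr-without-credentials');

  // A credentialed response must echo the exact origin; "*" is rejected.
  const acao = h['access-control-allow-origin'];
  if (acao === '*') findings.push('wildcard-origin');
  else if (acao !== origin) findings.push('origin-not-allowed');

  // The server must also opt in to credentials explicitly.
  if (h['access-control-allow-credentials'] !== 'true') findings.push('missing-allow-credentials');

  for (const cookie of [].concat(h['set-cookie'] || [])) {
    const attrs = cookie.split(';').slice(1).map((a) => a.trim().toLowerCase());
    if (!attrs.includes('httponly')) findings.push('cookie-not-httponly'); // readable by page script
    if (!attrs.includes('secure')) findings.push('cookie-not-secure');     // sent over plain HTTP
    // Assumption: cross-site. Current browsers default to SameSite=Lax,
    // which leaves the cookie off cross-site XHR.
    if (!attrs.includes('samesite=none')) findings.push('cookie-not-samesite-none');
  }
  return findings;
}
```

In AngularJS the request-side flag is `withCredentials: true` in the `$http` config; the remaining findings are fixed on the server.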
