stackoom
  简体   繁体   中英

React and Django session problem that works on Postman but not in browser

 原文  2021-06-04 11:47:52       python/ reactjs/ django/ authentication

Question

I was wondering what I'm doing wrong. I am trying to implement the most simple session with React frontend and Django backend. I am aware that my methods are insecure and bad but its just a project for university and I need something that works so I should do other stuff that require sessions in my project.

This is how my backend looks for Login and SessionInfo:

@api_view(['POST'])
def login(request):
    data = request.data
    try:
        user = MyUser.objects.get(username=data.get('username'), 
                                  password=data.get('password'))
        request.session['uuid'] = user.id
        request.session.modified = True
    except MyUser.DoesNotExist:
        return HttpResponse("User does not exist.")
    return HttpResponse(request.session['uuid'])

@api_view(['GET'])
def getsession(request):
    if request.session.has_key('uuid'):
        return HttpResponse(request.session['uuid'])
    else:
        return HttpResponse(False)

When I am trying to test this with Postman it always work and I get wanted session ID but when I'm trying to do same stuff with react using Axios post method it always return False. I have no clue why? It looks like Django destroys session after calling login function or it doesn't even create it. This is how my post method looks in React:

function login(){
        axios.post('http://127.0.0.1:8000/evidencija/login/',{
            username: 'admin',
            password: 'admin'
        }).then(
            (response) =>{
                console.info(response.data)
                getSession()
            },
            (error) =>{
                console.log(error)
            }
        )
    }

1 answers

solution1
 0  2021-06-04 12:12:54

Some browsers (Chrome, for example) provide settings that allow users to continue browsing sessions after closing and re-opening the browser. In some cases, this can interfere with the SESSION_EXPIRE_AT_BROWSER_CLOSE setting and prevent sessions from expiring on browser close. Please be aware of this while testing Django applications which have the SESSION_EXPIRE_AT_BROWSER_CLOSE setting enabled.

Documentation: https://docs.djangoproject.com/en/3.2/topics/http/sessions/#browser-length-vs-persistent-sessions

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question API works in Postman, but not on a browser session not storing on browser in Django CSRF validation works from Postman but not React/Axios Django session authentication with React Flask Session Not Persisting (Postman works, Javascript doesn't) Session data works in local server, not in server - Django Delete session key when browser is refreshed ( Django ) Django user sessions browser quit not ending session Django new session for each browser tab session expire at browser close is not set properly django
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM