bozdoz

Reputation: 12860

Django Admin Keeps Logging me Out

I'm using the development server, logging in at /admin/, and that much works just fine. Then I can click on an admin item, such as groups: /admin/auth/group/. And then I see in the JavaScript console:

Uncaught SyntaxError: Unexpected token <

And this is coming from:

?next=/admin/jsi18n/:1

In the network tab, I see that the request to /admin/jsi18n/ has a status code of 302, which has been redirected for some reason and which shows the request cookie (appears valid), and the response cookie (now empty).

What am I doing wrong here?

Here are my settings.py cookie variables:

CSRF_COOKIE_NAME = 'tokenname_csrftoken'
CSRF_COOKIE_SECURE = False
CSRF_HEADER_NAME = CSRF_COOKIE_NAME
SESSION_COOKIE_NAME = CSRF_COOKIE_NAME
SESSION_COOKIE_SECURE = False

Upvotes: 3

Views: 2306

Answers (2)

alecxe

Reputation: 473863

I've been having this problem recently as well, but the cause was a different one than what was suggested in the accepted answer. It took me 2 days to figure this one out; I hope this helps someone with a similar issue.

I had the SECRET_KEY set this way:

import os
from django.core.management.utils import get_random_secret_key

# Falls back to a freshly generated key whenever APP_SECRET_KEY is unset
SECRET_KEY = os.getenv('APP_SECRET_KEY', default=get_random_secret_key())

and, since the APP_SECRET_KEY environment variable was not set and I was rebuilding the app in Docker, a new secret was generated every time.

Solution: make sure your secret key does not change as it affects Django session validation.

Upvotes: 4

bozdoz

Reputation: 12860

Found it.

All cookie names need to be unique. Makes sense of course.

Changing SESSION_COOKIE_NAME to 'tokenname_sessionid'.

https://docs.djangoproject.com/en/1.11/ref/settings/#csrf-cookie-name

Upvotes: 2
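
Both causes found in the answers above (a cookie name shared by two settings, and a secret key regenerated at each start) can be caught before the server accepts a request. The following is an added example, not code from either poster or from Django; the function names and `ConfigError` are hypothetical, and it uses only the standard library so it runs without Django installed.

```python
import os

# Django settings that each name a cookie; unset ones keep Django's defaults.
COOKIE_NAME_SETTINGS = ("CSRF_COOKIE_NAME", "SESSION_COOKIE_NAME", "LANGUAGE_COOKIE_NAME")


class ConfigError(Exception):
    """Raised when the configuration would silently break logins."""


def load_secret_key(environ=os.environ, var="APP_SECRET_KEY"):
    """Return the secret key from the environment, failing closed if unset.

    There is no random fallback: a key regenerated on every start no longer
    matches the one used for existing sessions, so users are logged out.
    """
    key = environ.get(var, "").strip()
    if not key:
        raise ConfigError(f"{var} is not set; refusing to generate a throwaway key")
    return key


def find_cookie_name_collisions(settings):
    """Return {cookie_name: [setting, ...]} for names used by more than one setting."""
    seen = {}
    for setting in COOKIE_NAME_SETTINGS:
        name = settings.get(setting)
        if name is not None:  # only explicitly configured names are compared
            seen.setdefault(name, []).append(setting)
    return {name: users for name, users in seen.items() if len(users) > 1}


# Constructed sample: the cookie settings from the question, then the fix.
QUESTION_SETTINGS = {
    "CSRF_COOKIE_NAME": "tokenname_csrftoken",
    "SESSION_COOKIE_NAME": "tokenname_csrftoken",
}
FIXED_SETTINGS = dict(QUESTION_SETTINGS, SESSION_COOKIE_NAME="tokenname_sessionid")

if __name__ == "__main__":
    print(find_cookie_name_collisions(QUESTION_SETTINGS))
    print(find_cookie_name_collisions(FIXED_SETTINGS))
    try:
        load_secret_key(environ={})
    except ConfigError as exc:
        print(exc)
```

In a real project, `load_secret_key()` would supply `SECRET_KEY` in settings.py, and the collision check would run over the configured settings at startup.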
