Fady's Cube

Reputation: 318

Sending http only cookie in Authorization header django-rest-framework

I'm building a REST API using django-rest-framework with auth implementation with django-rest-knox and I want to store the token in an HTTP-only cookie with a React frontend. So I've used this code:

from django.contrib.auth import login
from rest_framework import permissions
from rest_framework.authtoken.serializers import AuthTokenSerializer
from knox.views import LoginView as KnoxLoginView


class LoginView(KnoxLoginView):
    permission_classes = (permissions.AllowAny,)

    def post(self, request, format=None):
        serializer = AuthTokenSerializer(data=request.data)
        serializer.is_valid(raise_exception=True)
        user = serializer.validated_data['user']
        login(request, user)
        response = super(LoginView, self).post(request, format=None)

        token = response.data['token']
        del response.data['token']

        response.set_cookie(
            'auth_token',
            token,
            httponly=True,
            samesite='strict'
        )

        return response

From this topic: django-rest-knox with cookies

This code uses the Set-Cookie header and it works, but the problem is that when I want to make a request to a protected route I need the token for the Authorization header, so how can I do it?

Upvotes: 2

Views: 420
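One way to bridge the gap described in the question, as an added example that is not part of the original post: JavaScript cannot read an HttpOnly cookie, so the server copies it into the Authorization header before knox's unchanged `TokenAuthentication` runs. The middleware name, the helper function, the `TRUSTED_ORIGINS` value and the Origin check for state-changing requests are assumptions of this sketch; `Token` is knox's default header prefix.

```python
# Added example (not from the original post). List the class in
# settings.MIDDLEWARE; protected views keep using knox's TokenAuthentication.
COOKIE_NAME = "auth_token"      # cookie set by the LoginView in the question
AUTH_PREFIX = "Token"           # knox's default AUTH_HEADER_PREFIX
SAFE_METHODS = {"GET", "HEAD", "OPTIONS"}
TRUSTED_ORIGINS = {"https://app.example.com"}  # assumption: origin of the React app


def authorization_from_cookie(method, cookies, meta):
    """Return the Authorization value to inject, or None to leave the request alone."""
    if "HTTP_AUTHORIZATION" in meta:
        return None             # an explicit header (non-browser client) wins
    token = cookies.get(COOKIE_NAME, "")
    if len(token.split()) != 1:
        return None             # missing, or contains whitespace: not a single token
    # The browser attaches cookies automatically, so a state-changing request
    # must also carry a trusted Origin (defence in depth on top of SameSite=Strict).
    if method not in SAFE_METHODS and meta.get("HTTP_ORIGIN") not in TRUSTED_ORIGINS:
        return None
    return f"{AUTH_PREFIX} {token}"


class CookieToAuthorizationMiddleware:
    """Django middleware: promotes the HttpOnly cookie to an Authorization header."""

    def __init__(self, get_response):
        self.get_response = get_response

    def __call__(self, request):
        value = authorization_from_cookie(request.method, request.COOKIES, request.META)
        if value is not None:
            # DRF's get_authorization_header() reads this META key.
            request.META["HTTP_AUTHORIZATION"] = value
        return self.get_response(request)
```

With this in place the React client sends no Authorization header itself. If the API is served from a different origin than the frontend, the requests must be made with credentials included (for example `credentials: "include"` in `fetch`) so the browser sends the cookie.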

Answers (0)
