使用 django python-social-auth 重定向后会话值丢失 [英] Session value missing after redirect with django python-social-auth
问题描述
我正在开发一个使用 python-social-auth 对 facebook 进行身份验证的 django 项目.我在 localhost 上运行 django 服务器,并使用我的应用程序设置 facebook 以重定向到 http://127.0.0.1:8000/complete/facebook/,它开始 python-social-auth 的管道来验证用户.我使用 postgres 作为我的数据库.
I am working on a django project using python-social-auth to do authentication with facebook. I am running the django server on localhost and have facebook set up with my application to redirect to http://127.0.0.1:8000/complete/facebook/, which begins python-social-auth's pipeline to authenticate a user. I am using postgres as my database.
当调用此方法并尝试进行身份验证时,它无法找到有关会话的信息.来自 https://github.com/omab/python-social-auth/issues/534 ,我认为 sessionid cookie 被覆盖了.如果我将 facebook 重定向发送到不同的 url 以加载未经身份验证的静态页面,则没有错误,但我也没有进行身份验证或从 facebook 获取任何信息.
When this method is called and tries to authenticate, it cannot find information on the session. From https://github.com/omab/python-social-auth/issues/534 , I think the sessionid cookie is being overwritten. If I send the facebook redirect to a different url to load a static page without authentication, there is no error but I am also not authenticating or getting any information from facebook.
我将如何不覆盖 sessionid cookie - 当然,这是实际问题 - 或者我可能在这里遗漏了另一个问题?
How would I go about not overwriting the sessionid cookie -if of course, that is the actual issue- or is there another problem that I might be missing here?
[03/Jun/2016 05:19:58] "GET /login/facebook/?next=/lithium-web/ HTTP/1.1" 302 0
Internal Server Error: /complete/facebook/
Traceback (most recent call last):
File "/Users/mac/Desktop/lithium-web/lib/python2.7/site-packages/django/core/handlers/base.py", line 149, in get_response
response = self.process_exception_by_middleware(e, request)
File "/Users/mac/Desktop/lithium-web/lib/python2.7/site-packages/django/core/handlers/base.py", line 147, in get_response
response = wrapped_callback(request, *callback_args, **callback_kwargs)
File "/Users/mac/Desktop/lithium-web/lib/python2.7/site-packages/django/views/decorators/cache.py", line 57, in _wrapped_view_func
response = view_func(request, *args, **kwargs)
File "/Users/mac/Desktop/lithium-web/lib/python2.7/site-packages/django/views/decorators/csrf.py", line 58, in wrapped_view
return view_func(*args, **kwargs)
File "/Users/mac/Desktop/lithium-web/lib/python2.7/site-packages/social/apps/django_app/utils.py", line 51, in wrapper
return func(request, backend, *args, **kwargs)
File "/Users/mac/Desktop/lithium-web/lib/python2.7/site-packages/social/apps/django_app/views.py", line 28, in complete
redirect_name=REDIRECT_FIELD_NAME, *args, **kwargs)
File "/Users/mac/Desktop/lithium-web/lib/python2.7/site-packages/social/actions.py", line 43, in do_complete
user = backend.complete(user=user, *args, **kwargs)
File "/Users/mac/Desktop/lithium-web/lib/python2.7/site-packages/social/backends/base.py", line 41, in complete
return self.auth_complete(*args, **kwargs)
File "/Users/mac/Desktop/lithium-web/lib/python2.7/site-packages/social/utils.py", line 229, in wrapper
return func(*args, **kwargs)
File "/Users/mac/Desktop/lithium-web/lib/python2.7/site-packages/social/backends/facebook.py", line 71, in auth_complete
state = self.validate_state()
File "/Users/mac/Desktop/lithium-web/lib/python2.7/site-packages/social/backends/oauth.py", line 88, in validate_state
raise AuthStateMissing(self, 'state')
AuthStateMissing: Session value state missing.
推荐答案
此错误是由于会话 cookie 未通过非 https url 保存.在 django 中将 SESSION_COOKIE_SECURE 设置为 True 在 localhost 上进行测试时,会话 cookie 不会在重定向之间持续存在,并且在任何类型的页面更改中都会检查会话时出现此错误.
This error was due to the session cookie not being saved over a non-https url. When testing on localhost with SESSION_COOKIE_SECURE set to True in django, the session cookies will not persist between redirect and you will get this error in any kind of page change where session would be checked.
SESSION_COOKIE_SECURE=False 进行测试,一切都很好
SESSION_COOKIE_SECURE=False for testing and it's all good
这篇关于使用 django python-social-auth 重定向后会话值丢失的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!