How to get the browser to store the jwt cookies?

iMerica / dj-rest-auth

Authentication for Django Rest Framework

https://dj-rest-auth.readthedocs.io/en/latest/index.html

MIT License

1.64k stars 306 forks source link

How to get the browser to store the jwt cookies? #455

Open duckheada opened 1 year ago

duckheada commented 1 year ago

The cookies are sent in the response headers from the django server, however the browser is not storing them nor sending them in subsequent requests. For now, I’m making the subsequent requests with the header {Authorisation: Bearer }, this works but my request does not contain the JWT cookies.

Why is that? How do I set the jwt cookies so they’re stored in the browser and used in subsequent requests?

iboughtbed commented 1 year ago

Did you find answers?

rochdikhalid commented 1 year ago

Did you add the following class to the REST_FRAMEWORK setting: 'dj_rest_auth.jwt_auth.JWTCookieAuthentication'?

Example:

REST_FRAMEWORK = {
    'DEFAULT_AUTHENTICATION_CLASSES': (
        'dj_rest_auth.jwt_auth.JWTCookieAuthentication',
    )
    'DEFAULT_SCHEMA_CLASS': 'rest_framework.schemas.coreapi.AutoSchema'
}

iboughtbed commented 1 year ago

Did you add the following class to the REST_FRAMEWORK setting: 'dj_rest_auth.jwt_auth.JWTCookieAuthentication'?

Example:
REST_FRAMEWORK = {
    'DEFAULT_AUTHENTICATION_CLASSES': (
        'dj_rest_auth.jwt_auth.JWTCookieAuthentication',
    )
    'DEFAULT_SCHEMA_CLASS': 'rest_framework.schemas.coreapi.AutoSchema'
}

Also you should check if the frontend and backend are on the same host(localhost, 127.0.0.1)

Parbelaez commented 4 months ago

Hi,

I think there is a problem on how the JWT cookies authentication is set which I reported on the Issue #584 . Also, it seems like there is the need of a new attribute for "Partitioned" when SAMESITE is none.

I hope this helps.