Closed estebbins closed 1 year ago
Here are the docs about authentication: https://www.django-rest-framework.org/api-guide/authentication/
Take a look at this (it specifically goes over sessions) let us know if you still need help!
I did review this already and still need help.
See if you can get anything from this medium article, don't follow the code verbatim or anything, but check out their settings etc to see what packages they use. Let me know how it goes
I think I was able to get it working with using the examples in here. If it works, then it boils down to the changes below for the boilerplates. I am hesitant to say that this issue is fully resolved as I haven't been able to test further with my own models/routes, and there's some customization in the Django API boilerplate related to users & tokens I am not sure if they can be just deleted out yet or not. I will update this issue when I have been able to do more testing with the final resolution.
If you see anything that doesn't look right below, please let me know!
Django API
# settings.py
# Add this above CORS_ORIGIN_WHITELIST (in both if & else)
CORS_ALLOW_CREDENTIALS = True
# Modify REST_FRAMEWORK to the below
REST_FRAMEWORK = {
'DEFAULT_AUTHENTICATION_CLASSES': [
'rest_framework.authentication.SessionAuthentication'
],
'DEFAULT_PERMISSION_CLASSES': [
'rest_framework.permissions.IsAuthenticated'
]
}
React Client
// under other imports in Index.js put ->
import axios from 'axios'
axios.defaults.withCredentials = true;
axios.defaults.xsrfCookieName = 'csrftoken'
axios.defaults.xsrfHeaderName = 'x-csrftoken'
Looks good to me, test it out and let me know how it goes. It's possible you might have to use the token for some functionality and the session for others, but I'm not sure as I haven't tried it myself. Keep me posted.
Auth is working, but when I refresh, it still logs me out. I'm not sure how to access the session information as our prior example was with express in the single resource app. If we could take a look together, that would be great!
Gotcha, we'll take a look after django deployment today.
Added the below to Home.js in react in addition to the above in order to get this working!
const clearUser = () => {
console.log('clear user ran')
setUser(null)
localStorage.clear()
}
useEffect(() => {
const loggedInUser = localStorage.getItem("user")
console.log('ul', user, loggedInUser)
if (loggedInUser) {
const foundUser = JSON.parse(loggedInUser)
setUser(foundUser.user)
setUpdated(prev => !prev)
}
}, [])
What stack are you using?
(ex: MERN(mongoose + react), DR(django + react), PEN, etc.)
DR
What's the problem you're trying to solve?
Trying to change to session-based authentication & trying to add fields for sign-up
Post any code you think might be relevant (one fenced block per file)
If you see an error message, post it here. If you don't, what unexpected behavior are you seeing?
No error messages but in admin portal, not being asked for Username & Phone number. Also trying to unpack the boilerplate user customizations that already took place and build around token auth when trying to convert to session based authentication.
What is your best guess as to the source of the problem?
Custom boilerplate set-up
What things have you already tried to solve the problem?
See code above.
Paste a link to your repository here https://github.com/estebbins/FareIsFair-API (view the authversion1 branch)