我为Web客户端使用了Reaction with Axios,为API使用了Django REST框架。csrftoken
和sessionid
cookie是在本地开发时设置的,在生产中也是使用API在Postman中设置的。但在我的Vercel Reaction应用程序中,尽管请求成功,但没有设置cookie。
settings.py
CORS_ALLOWED_ORIGINS = [
'http://localhost:3000',
'http://127.0.0.1:3000',
# web client url,
]
CORS_ORIGIN_WHITELIST = (
'http://localhost:3000',
'http://127.0.0.1:3000',
# web client url,
)
CSRF_TRUSTED_ORIGINS = [
'http://localhost:3000',
'http://localhost:8000',
'http://127.0.0.1:3000',
# web client url,
]
CORS_ALLOW_METHODS = [
"DELETE",
"GET",
"OPTIONS",
"PATCH",
"POST",
"PUT",
]
CORS_ALLOW_HEADERS = [
"accept",
"accept-encoding",
"authorization",
"content-type",
"dnt",
"origin",
"user-agent",
"x-csrftoken",
"x-requested-with",
]
CORS_EXPOSE_HEADERS = [
"Content-Type",
"X-CSRFToken"
]
CORS_ALLOW_CREDENTIALS = True
CSRF_COOKIE_NAME = "csrftoken"
CSRF_COOKIE_HTTPONLY = False
CSRF_COOKIE_SECURE = True
CSRF_COOKIE_SAMESITE = 'None'
SESSION_COOKIE_HTTPONLY = False
SESSION_COOKIE_SECURE = True
SESSION_COOKIE_SAMESITE = 'None'
Axios配置:
axios.defaults.withCredentials = true;
const axiosClient = axios.create({
xsrfHeaderName: 'X-CSRFToken',
xsrfCookieName: 'csrftoken',
headers: {
"Accept": "application/json",
"Content-Type": "application/json",
},
});
axiosClient.defaults.baseURL = process.env.NODE_ENV === 'production'
? apiUrls.PROD_ROOT
: apiUrls.DEV_ROOT;
export default axiosClient;
Vercel App响应:Response
1条答案
按热度按时间v8wbuo2f1#
在Axios中添加“with Credentials:True”,这应该可以解决您的问题