我有一个 axios 函数,用它来登录用户(Django 后端),然后以 cookie 的形式获取 JWT 令牌。
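/**
 * Posts the user's credentials to the login endpoint.
 *
 * The JWT is expected to arrive as a cookie on the response, so nothing is
 * read from the body here.
 *
 * @param {{email: string, password: string}} values - Login form values.
 * @returns {Promise<object|undefined>} Resolves with the axios response on
 *   success, or with undefined after a failure has been logged.
 */
const loginRequest = (values) => {
  return axios
    .post(
      "/api/login",
      {
        email: values.email,
        password: values.password,
      },
      {
        // Lets the browser store and send cookies on cross-origin requests.
        // Cookie attributes such as SameSite are chosen by the server in
        // Set-Cookie, not here.
        withCredentials: true,
      }
    )
    .then((response) => {
      // Log the status only: the full axios response carries the request body
      // (including the password) in response.config.data and may carry the
      // token in response.data.
      console.log("login succeeded:", response.status);
      return response;
    })
    .catch((error) => {
      // Same reasoning: the axios error object also embeds the request config.
      console.log(
        "login failed:",
        error.response ? error.response.status : error.message
      );
    });
};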
这里是django view
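@api_view(['POST'])
def LoginView(request):
    """Authenticate by email and password and issue a one-hour HS256 JWT.

    The token is set as an HttpOnly ``jwt`` cookie and is also returned in the
    response body under ``jwt``.

    Raises:
        AuthenticationFailed: if a credential is missing, the email is
            unknown, or the password does not match. The message is the same
            in every case so the response text does not reveal which
            addresses are registered.
    """
    # .get() rather than [...]: a body without these fields is rejected as a
    # failed login instead of surfacing a KeyError as a server error.
    email = request.data.get('email')
    password = request.data.get('password')
    if not email or not password:
        raise AuthenticationFailed('Invalid email or password.')

    user = User.objects.filter(email=email).first()
    # One message for both failure modes; distinct "user not found" and
    # "incorrect password" messages let a client enumerate accounts.
    # NOTE(review): timing can still differ, because check_password only runs
    # when the user exists.
    if user is None or not user.check_password(password):
        raise AuthenticationFailed('Invalid email or password.')

    # Single timezone-aware timestamp so 'iat' and 'exp' are exactly 60
    # minutes apart (datetime.utcnow() is naive and deprecated).
    now = datetime.datetime.now(datetime.timezone.utc)
    payload = {
        'id': user.id,
        'exp': now + datetime.timedelta(minutes=60),
        'iat': now,
    }
    # NOTE(review): 'secret' is a hard-coded, guessable signing key; anyone who
    # knows it can mint valid tokens for any user id. Load the key from
    # configuration and change it together with the code that verifies tokens.
    token = jwt.encode(payload, 'secret', algorithm='HS256')

    response = Response()
    # SameSite is a Set-Cookie attribute, so it is set here and not in the
    # axios call. 'Lax' covers a frontend on the same site; a cross-site
    # frontend needs samesite='None', which browsers accept only together with
    # secure=True. Secure is applied whenever the request arrived over HTTPS.
    response.set_cookie(
        key='jwt',
        value=token,
        httponly=True,
        samesite='Lax',
        secure=request.is_secure(),
    )
    # NOTE(review): returning the token in the body makes it readable by page
    # script, which undoes the protection HttpOnly gives the cookie. Kept for
    # compatibility; drop it if no client reads it.
    response.data = {
        'jwt': token
    }
    return response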
Cookie输出(Firefox)
然后我得到这个警告
我尝试将SameSite: 'None'
或SameSite: 'Lax'
添加到函数中
{
// Third argument of axios.post (request config), as attempted in the question.
// withCredentials lets the browser store and send cookies on cross-origin requests.
withCredentials: true,
headers: {
'Content-Type': 'application/json',
},
// SameSite is not a request option: it is an attribute of the Set-Cookie
// response header, so it has to be set by the server that issues the cookie.
SameSite: 'None',
}
但是我得到这个错误
1条答案
您不能将 SameSite 添加到 axios.post 方法中,而应将其添加到设置 cookie 的地方:
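在 axios.post 中设置 cookie 的属性并不是 cookie 的工作方式。SameSite、Secure、HttpOnly 等属性由服务器在 Set-Cookie 响应头中指定,在 Django 中即 response.set_cookie(...) 的 samesite 参数;若设为 SameSite=None,浏览器还要求同时带有 Secure 属性。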