execreate
05/07/2022, 5:47 AMpython
CSRF_TRUSTED_ORIGINS=[domain_names]
CSRF_COOKIE_SECURE = True
The issue we are getting is that POST requests we are getting this response:
json
{
"detail": "CSRF Failed: CSRF token missing."
}
rp
05/07/2022, 5:48 AMrp
05/07/2022, 5:48 AMexecreate
05/07/2022, 5:48 AMrp
05/07/2022, 5:49 AMexecreate
05/07/2022, 5:50 AMrp
05/07/2022, 5:50 AMrp
05/07/2022, 5:50 AMexecreate
05/07/2022, 5:51 AMrp
05/07/2022, 5:51 AMexecreate
05/07/2022, 6:00 AMpython
['corsheaders.middleware.CorsMiddleware',
'django.middleware.security.SecurityMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware',
'django.middleware.common.CommonMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
'django.middleware.clickjacking.XFrameOptionsMiddleware',
'django.middleware.locale.LocaleMiddleware',
'supertokens_python.framework.django.django_middleware.middleware']
execreate
05/07/2022, 6:02 AMpython
REST_FRAMEWORK = {
'DEFAULT_SCHEMA_CLASS': 'drf_spectacular.openapi.AutoSchema',
'DEFAULT_FILTER_BACKENDS': ['django_filters.rest_framework.DjangoFilterBackend'],
}
and the endpoint I am fetching is protected with supertokens_python.recipe.session.framework.django.syncio.verify_session
execreate
05/07/2022, 6:08 AMcsrftoken
is there in the request cookies
do you think the problem might be that the frontend is not sending me the same cookie in X-CSRFToken
header?rp
05/07/2022, 6:16 AMrp
05/07/2022, 6:17 AM['corsheaders.middleware.CorsMiddleware',
'django.middleware.security.SecurityMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware',
'django.middleware.common.CommonMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
'django.middleware.clickjacking.XFrameOptionsMiddleware',
'django.middleware.locale.LocaleMiddleware',
'supertokens_python.framework.django.django_middleware.middleware']
rp
05/07/2022, 6:17 AMdjango.contrib.auth.middleware.AuthenticationMiddleware
)rp
05/07/2022, 6:17 AMsupertokens_python.framework.django.django_middleware.middleware
, then add things one by one until I hit the issue againexecreate
05/07/2022, 6:32 AMexecreate
05/07/2022, 6:46 AMrp
05/07/2022, 6:47 AMexecreate
05/07/2022, 7:04 AM