#Django cookies not setting for localhost network when CORS is enabled

12 messages · Page 1 of 1 (latest)

noble seal
#

the code:


def handle_login(request: HttpRequest):
    if request.method == "POST":
        email = request.POST.get("email")
        password = request.POST.get("password")
        try:
            user: User = User.objects.get(email=email)
            if user.password == make_password(password, salt=PASSOWRD_SALT):
                expires = datetime.datetime.now() + datetime.timedelta(days=7)
                max_age = int((expires - datetime.datetime.now()).total_seconds())
                jwt_payload = {
                    "email": user.email,
                }
                jwt_token = jwt.encode(jwt_payload, JWT_SECRET, algorithm="HS256")
                print(jwt_token)
                resp = JsonResponse({"password": "correct"}, status=302)
                expires = datetime.datetime.now() + datetime.timedelta(days=7)
                max_age = int((expires - datetime.datetime.now()).total_seconds())
                resp.set_cookie("Authorisation", jwt_token, expires=expires,  httponly=False, samesite='None',secure=True)
                return resp
            else:
                return JsonResponse({"password": "incorrect"}, status=401)
        except ObjectDoesNotExist: 
            return JsonResponse({"error": "The email is not registered"}, status=404)
        except Exception as e:
            return JsonResponse({"error": str(e)}, status=500)
    return JsonResponse({"error": "Method not allowed"}, status=405)

this django endpoint is hosted on http://0.0.0.0:8000/ and the nextjs app which calls this endpoint is on:

   - Network:      http://192.168.29.249:3000```
because of cors and what not I need to enable the secure flag, which eventually is failing(?) the code.
#

the error in the application -> cookies console in dev options on chrome

boreal warren
#

Easiest fix is probably to just set up a proxy server to serve both Django and nextjs on the same port?

noble seal
#

using ngrok or something

boreal warren
#

Yes

noble seal
#

using proxy on same port is probably the ideal way and easiest to translate while deploying to production. im just a bit unsure about my machine handling the proxy server lol. already out of resources

boreal warren
#

Your development machine is out of resources? 🤔 Are you developing on a potato? Or some kind of microscopic VPS?

noble seal
#

i5 8th gen 8gigs

#

dell latitude

boreal warren
#

Still 🤔