To sign in, I'm doing something like this:
function set header ( Xhr) {// According to the HTTP authentication device [2], credentials should be encoded in base 64. window. Boto [3] lets use xhr.setRequestHeader ("authorization", "basic" + btoa (username: ':' + password);} $ .ajax ({type: "POST", url: AUTH_URL, before Send: set header}} unsupported {console.log ('bad credential.')}) Done (resp) {}); After that , I am accumulating the session in local storage.
However, to log out, I am unable to find out how to use this session with the request header; That's the reason: request.logout () logs a user who has that session
< P> You can add a view similar to this one:
import json import requests from django.shortcuts import import render_to_response import from django.http HttpResponseRedirect @csrf_protect def (request ): If request.method == "POST": login = requests.post ('http: // your_url / api- token-auth /', data = {'username': request.POST ['username'] , 'Password': request. POST ['password']}) response = json.loads (login.text) if response.status_code == 200: token = response ['token'] request.session.flush () request. Session ['user'] = request POST ['Username'] if request.session.test_ Cookie_worked (): request.session.delete_test_cookie () Returns HttpResponseRedirect ("/"): Error = "Error" request. Session .set_test_cocai () Returns render_to_response ("login.html", {"error": error}, RequestContext (request)) For logout, you have to do what you consider: / P>
def logout (request): request.session.flush () On your API side, you have to define the API-token-at in the URL: here for more information << / code>
> Url (r '^ api-token-auth /', 'rest_framework.authtoken.views.obtain_auth_token') In this way you will get your token to communicate with the API. You can define near token authentication and you can find more about session-completion in the above tutorial.
Comments
Post a Comment