Skip to content Skip to sidebar Skip to footer

Django Session Not Available On Two Seperate Requests

Description: In the django session docs it says: You can read it and write to request.session at any point in your view. But I can't access the session when making a second reque

Solution 1:

As mentioned by @AbdulAzizBarkat in the comments, the problem was that the session credentials were not sent to the backend. The way the sessions work in a cross-domain scenario is:

  • User is verified in backend
  • Session is sent to the frontend and stored in the browser
  • The session credentials have to get sent to the backend on every request

You cannot, however, read this session cookies, like mentioned here:

The browser cannot give access to 3rd party cookies like those received from ajax requests for security reasons, however it takes care of those automatically for you!

The provided solution using ajax and setting xhrFields: { withCredentials: true } did not work for me.

Answer:

Instead of an ajax request, I used fetch requests.

It is important to set credentials: "include" since otherwise cookies won't be sent cross-origin. A request looks like this:

fetch(`${API}/login`, {
    credentials: "include",
    method: "POST",
    body: data,
}).then(...).catch(...);

Post a Comment for "Django Session Not Available On Two Seperate Requests"