Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
727 views
in Technique[技术] by (71.8m points)

authentication - Session value missing after redirect with django python-social-auth

I am working on a django project using python-social-auth to do authentication with facebook. I am running the django server on localhost and have facebook set up with my application to redirect to http://127.0.0.1:8000/complete/facebook/, which begins python-social-auth's pipeline to authenticate a user. I am using postgres as my database.

When this method is called and tries to authenticate, it cannot find information on the session. From https://github.com/omab/python-social-auth/issues/534 , I think the sessionid cookie is being overwritten. If I send the facebook redirect to a different url to load a static page without authentication, there is no error but I am also not authenticating or getting any information from facebook.

How would I go about not overwriting the sessionid cookie -if of course, that is the actual issue- or is there another problem that I might be missing here?

[03/Jun/2016 05:19:58] "GET /login/facebook/?next=/lithium-web/ HTTP/1.1" 302 0
Internal Server Error: /complete/facebook/
Traceback (most recent call last):
  File "/Users/mac/Desktop/lithium-web/lib/python2.7/site-packages/django/core/handlers/base.py", line 149, in get_response
    response = self.process_exception_by_middleware(e, request)
  File "/Users/mac/Desktop/lithium-web/lib/python2.7/site-packages/django/core/handlers/base.py", line 147, in get_response
    response = wrapped_callback(request, *callback_args, **callback_kwargs)
  File "/Users/mac/Desktop/lithium-web/lib/python2.7/site-packages/django/views/decorators/cache.py", line 57, in _wrapped_view_func
    response = view_func(request, *args, **kwargs)
  File "/Users/mac/Desktop/lithium-web/lib/python2.7/site-packages/django/views/decorators/csrf.py", line 58, in wrapped_view
    return view_func(*args, **kwargs)
  File "/Users/mac/Desktop/lithium-web/lib/python2.7/site-packages/social/apps/django_app/utils.py", line 51, in wrapper
    return func(request, backend, *args, **kwargs)
  File "/Users/mac/Desktop/lithium-web/lib/python2.7/site-packages/social/apps/django_app/views.py", line 28, in complete
    redirect_name=REDIRECT_FIELD_NAME, *args, **kwargs)
  File "/Users/mac/Desktop/lithium-web/lib/python2.7/site-packages/social/actions.py", line 43, in do_complete
    user = backend.complete(user=user, *args, **kwargs)
  File "/Users/mac/Desktop/lithium-web/lib/python2.7/site-packages/social/backends/base.py", line 41, in complete
    return self.auth_complete(*args, **kwargs)
  File "/Users/mac/Desktop/lithium-web/lib/python2.7/site-packages/social/utils.py", line 229, in wrapper
    return func(*args, **kwargs)
  File "/Users/mac/Desktop/lithium-web/lib/python2.7/site-packages/social/backends/facebook.py", line 71, in auth_complete
    state = self.validate_state()
  File "/Users/mac/Desktop/lithium-web/lib/python2.7/site-packages/social/backends/oauth.py", line 88, in validate_state
    raise AuthStateMissing(self, 'state')
AuthStateMissing: Session value state missing.
See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Reply

0 votes
by (71.8m points)

This error was due to the session cookie not being saved over a non-https url. When testing on localhost with SESSION_COOKIE_SECURE set to True in django, the session cookies will not persist between redirect and you will get this error in any kind of page change where session would be checked.

SESSION_COOKIE_SECURE=False for testing and it's all good


与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
OGeek|极客中国-欢迎来到极客的世界,一个免费开放的程序员编程交流平台!开放,进步,分享!让技术改变生活,让极客改变未来! Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...