so. just spend 7 hours trying to set up my Android app to connect with django's csrf. let me save you some time
all of the everything about connecting to django using csrf and authentication talks about AJAX, and there is very little information about actually connecting with Android. Throw in the fact that Android httpurlconnection objects are obtuse, have terrible documentation, and there are no good tuturials about cookies that don't use some random persons half-baked personal library, and you get me spending 7 hours trying to get my app to log in.
so here heres how to do it.
#YOU NEED TO SET THE FULL COOKIE, NOT JUST THE CSRF TOKEN
**WRONG:**
csrftoken=3JR5KZ4tHrDRlPvVwufhrT8Zn83sklwk;
**CORRECT:**
csrftoken=3JR5KZ4tHrDRlPvVwufhrT8Zn83sklwk; expires=Tue, 13-Nov-2018 00:29:33 GMT; Max-Age=31449600; Path=/
grumble grumble grumble
I literally went into django.middleware.csrf and put in a bunch of print statements to try to figure out what was happening.
edit:
heres the full android code for setting the cookies (lots of non-important details omited):
URL url = new URL(serverURL + myurl);
//URL url = new URL(myurl);
HttpURLConnection urlConnection = (HttpURLConnection) url.openConnection();
urlConnection.setRequestProperty("Content-Type","application/json");
//getFullCSRFcookie() returns the full cookie string with time stamps and everything
urlConnection.setRequestProperty("Cookie", getFullCSRFcookie());
urlConnection.connect();
Edit: love how the only comments basically boil down to "I don't know what your project is, but you're doing it wrong." Lol you keep being you, reddit
/r/django
https://redd.it/7crsn5
all of the everything about connecting to django using csrf and authentication talks about AJAX, and there is very little information about actually connecting with Android. Throw in the fact that Android httpurlconnection objects are obtuse, have terrible documentation, and there are no good tuturials about cookies that don't use some random persons half-baked personal library, and you get me spending 7 hours trying to get my app to log in.
so here heres how to do it.
#YOU NEED TO SET THE FULL COOKIE, NOT JUST THE CSRF TOKEN
**WRONG:**
csrftoken=3JR5KZ4tHrDRlPvVwufhrT8Zn83sklwk;
**CORRECT:**
csrftoken=3JR5KZ4tHrDRlPvVwufhrT8Zn83sklwk; expires=Tue, 13-Nov-2018 00:29:33 GMT; Max-Age=31449600; Path=/
grumble grumble grumble
I literally went into django.middleware.csrf and put in a bunch of print statements to try to figure out what was happening.
edit:
heres the full android code for setting the cookies (lots of non-important details omited):
URL url = new URL(serverURL + myurl);
//URL url = new URL(myurl);
HttpURLConnection urlConnection = (HttpURLConnection) url.openConnection();
urlConnection.setRequestProperty("Content-Type","application/json");
//getFullCSRFcookie() returns the full cookie string with time stamps and everything
urlConnection.setRequestProperty("Cookie", getFullCSRFcookie());
urlConnection.connect();
Edit: love how the only comments basically boil down to "I don't know what your project is, but you're doing it wrong." Lol you keep being you, reddit
/r/django
https://redd.it/7crsn5
reddit
so. just spend 7 hours trying to set up my Android app... • r/django
all of the everything about connecting to django using csrf and authentication talks about AJAX, and there is very little information about...
Python 3.9 will remove backwards compatibility layers for Python 2.7
https://docs.python.org/3.9/whatsnew/3.9.html#you-should-check-for-deprecationwarning-in-your-code
/r/Python
https://redd.it/iydze3
https://docs.python.org/3.9/whatsnew/3.9.html#you-should-check-for-deprecationwarning-in-your-code
/r/Python
https://redd.it/iydze3
reddit
Python 3.9 will remove backwards compatibility layers for Python 2.7
Posted in r/Python by u/pimterry • 200 points and 41 comments