I am trying to access *csrftoken* sent in response header through *Django
Rest Framework API *to* Angular 8* , but unable to do that.The csrf token
is visible in developer tools in Chrome.please help me to resolve this
issue as i am trying this from 1 week.
the above snippet shows the csrf token in Set-Cookie section.I want to
access this value in angular code so that i can send it in request to call
an api.
I have attached Django Api *settings.py *file.
Below is my angular code where i am trying to access the the headers from
response.
*Login code which is calling django api and in response getting various
headers.*
login(email: string, password: string) {
this.email = email;
return this.http.post<any>("http://127.0.0.1:8000/api/Login/";, { email,
password },{ observe: 'response' })
.pipe(tap((user) => {
localStorage.setItem('currentUser', JSON.stringify(user));
console.log(user);
console.log("csrftoken:" + user.headers.get('csrftoken'));
// tring to access csrf using headers
this.currentUserSubject.next(user);
this.data.setLoggedIn(true);
console.log("cookie data:"+this.Cookie.get('csrftoken'));
//trying to access using cookie
return user;
}));
}
All other headers are accessible except *Set-Cookie:csrftoken* response
header. can anybody please help me out here?Any help will be appreciated.
--
You received this message because you are subscribed to the Google Groups
"Angular and AngularJS discussion" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to angular+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/angular/a449e596-ac4b-4177-be9c-eb7a30d03214o%40googlegroups.com.
"""
Django settings for BookingWebsite project.
Generated by 'django-admin startproject' using Django 3.0.5.
For more information on this file, see
https://docs.djangoproject.com/en/3.0/topics/settings/
For the full list of settings and their values, see
https://docs.djangoproject.com/en/3.0/ref/settings/
"""
import os
# Build paths inside the project like this: os.path.join(BASE_DIR, ...)
BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
# Quick-start development settings - unsuitable for production
# See https://docs.djangoproject.com/en/3.0/howto/deployment/checklist/
# SECURITY WARNING: keep the secret key used in production secret!
SECRET_KEY = 'zlxvctw0ab1+6c79%o@c1#=##7-ro=pk+_35#eihyntl+)f+_0'
# SECURITY WARNING: don't run with debug turned on in production!
DEBUG = True
ALLOWED_HOSTS = []
CORS_ORIGIN_WHITELIST = [
"https://localhost:44357";,
]
# Application definition
INSTALLED_APPS = [
'django.contrib.admin',
'django.contrib.auth',
'django.contrib.contenttypes',
'django.contrib.sessions',
'django.contrib.messages',
'django.contrib.staticfiles',
'Booking.apps.BookingConfig',
'rest_framework',
'rest_framework.authtoken',
'corsheaders',
'multiselectfield',
# 'simple_email_confirmation',
]
MIDDLEWARE = [
'django.middleware.security.SecurityMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware',
'django.middleware.common.CommonMiddleware',
'django.middleware.csrf.CsrfViewMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
'django.middleware.clickjacking.XFrameOptionsMiddleware',
'corsheaders.middleware.CorsMiddleware',
'django.middleware.common.CommonMiddleware',
]
ROOT_URLCONF = 'BookingWebsite.urls'
TEMPLATES = [
{
'BACKEND': 'django.template.backends.django.DjangoTemplates',
'DIRS': [os.path.join(BASE_DIR, 'templates')]
,
'APP_DIRS': True,
'OPTIONS': {
'context_processors': [
'django.template.context_processors.debug',
'django.template.context_processors.request',
'django.contrib.auth.context_processors.auth',
'django.contrib.messages.context_processors.messages',
],
},
},
]
WSGI_APPLICATION = 'BookingWebsite.wsgi.application'
# Database
# https://docs.djangoproject.com/en/3.0/ref/settings/#databases
# DATABASES = {
# 'default': {
# 'ENGINE': 'django.db.backends.sqlite3',
# 'NAME': os.path.join(BASE_DIR, 'MelexiaBookingDB.sqlite3'),
# }
# }
DATABASES = {
'default': {
'ENGINE': 'djongo',
'NAME': 'MelexiaBookingDB',
'HOST':'localhost',
'PORT':27017
}
}
# Password validation
# https://docs.djangoproject.com/en/3.0/ref/settings/#auth-password-validators
AUTH_PASSWORD_VALIDATORS = [
{
'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator',
},
{
'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator',
},
{
'NAME': 'django.contrib.auth.password_validation.CommonPasswordValidator',
},
{
'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator',
},
]
# Internationalization
# https://docs.djangoproject.com/en/3.0/topics/i18n/
LANGUAGE_CODE = 'en-us'
TIME_ZONE = 'UTC'
USE_I18N = True
USE_L10N = True
USE_TZ = True
# Static files (CSS, JavaScript, Images)
# https://docs.djangoproject.com/en/3.0/howto/static-files/
STATIC_URL = '/static/'
EMAIL_USE_TLS = True
EMAIL_HOST = 'smtp.gmail.com'
EMAIL_HOST_USER = 'dhayakar.dhaya...@gmail.com'
EMAIL_HOST_PASSWORD = '9666511007'
EMAIL_PORT = 587
# REST_FRAMEWORK = {
# 'DEFAULT_AUTHENTICATION_CLASSES': (
# 'rest_framework.authentication.TokenAuthentication',
# )
# }
# from Booking.models import PatientRegistration
# AUTH_USER_MODEL='PatientRegistration'
