我正在使用python-social-auth对django项目进行身份验证。我在localhost上运行django服务器并让facebook设置我的应用程序以重定向到http://127.0.0.1:8000/complete/facebook/,这开始python-social-auth的管道来验证用户。我使用postgres作为我的数据库。
调用此方法并尝试进行身份验证时,无法找到有关会话的信息。从https://github.com/omab/python-social-auth/issues/534开始,我认为sessionid cookie正在被覆盖。如果我将facebook重定向发送到另一个网址以加载没有身份验证的静态页面,则没有错误,但我也没有验证或从Facebook获取任何信息。
我如何不覆盖sessionid cookie-当然,这是实际问题 - 还是我可能在这里缺少另一个问题?
[03/Jun/2016 05:19:58] "GET /login/facebook/?next=/lithium-web/ HTTP/1.1" 302 0
Internal Server Error: /complete/facebook/
Traceback (most recent call last):
File "/Users/mac/Desktop/lithium-web/lib/python2.7/site-packages/django/core/handlers/base.py", line 149, in get_response
response = self.process_exception_by_middleware(e, request)
File "/Users/mac/Desktop/lithium-web/lib/python2.7/site-packages/django/core/handlers/base.py", line 147, in get_response
response = wrapped_callback(request, *callback_args, **callback_kwargs)
File "/Users/mac/Desktop/lithium-web/lib/python2.7/site-packages/django/views/decorators/cache.py", line 57, in _wrapped_view_func
response = view_func(request, *args, **kwargs)
File "/Users/mac/Desktop/lithium-web/lib/python2.7/site-packages/django/views/decorators/csrf.py", line 58, in wrapped_view
return view_func(*args, **kwargs)
File "/Users/mac/Desktop/lithium-web/lib/python2.7/site-packages/social/apps/django_app/utils.py", line 51, in wrapper
return func(request, backend, *args, **kwargs)
File "/Users/mac/Desktop/lithium-web/lib/python2.7/site-packages/social/apps/django_app/views.py", line 28, in complete
redirect_name=REDIRECT_FIELD_NAME, *args, **kwargs)
File "/Users/mac/Desktop/lithium-web/lib/python2.7/site-packages/social/actions.py", line 43, in do_complete
user = backend.complete(user=user, *args, **kwargs)
File "/Users/mac/Desktop/lithium-web/lib/python2.7/site-packages/social/backends/base.py", line 41, in complete
return self.auth_complete(*args, **kwargs)
File "/Users/mac/Desktop/lithium-web/lib/python2.7/site-packages/social/utils.py", line 229, in wrapper
return func(*args, **kwargs)
File "/Users/mac/Desktop/lithium-web/lib/python2.7/site-packages/social/backends/facebook.py", line 71, in auth_complete
state = self.validate_state()
File "/Users/mac/Desktop/lithium-web/lib/python2.7/site-packages/social/backends/oauth.py", line 88, in validate_state
raise AuthStateMissing(self, 'state')
AuthStateMissing: Session value state missing.
答案 0 :(得分:5)
此错误是由于会话cookie未通过非https网址保存。在django中将SESSION_COOKIE_SECURE设置为True的localhost上进行测试时,会话cookie将不会在重定向之间保持不变,您将在任何类型的页面更改中收到此错误,其中将检查会话。
SESSION_COOKIE_SECURE =测试错误,一切都很好
答案 1 :(得分:0)
通过从django设置中删除LOGIN_REDIRECT_URL来解决此问题。
实际上python_social_auth管道结构将LOGIN_REDIRECT_URL设置为next,即重定向到url,但遗憾的是它们没有处理命名模式。因此,当我们将LOGIN_REDIRECT_URL设置为myapp:index时,会产生此错误。
因此,要么删除此设置,要么使用直接模式,即
LOGIN_REDIRECT_URL = myapp/index
答案 2 :(得分:0)
我也有这个问题。通过在我的settings.py文件中添加“ SOCIAL_AUTH_REDIRECT_IS_HTTPS = True”来解决该问题,因为我的配置使用nginx重定向到HTTPS。我只能通过阅读以下文档来找到此答案:https://python-social-auth-docs.readthedocs.io/en/latest/configuration/settings.html