Question

我遵循了本教程（https://artandlogic.com/2014/04/tutorial-adding-facebooktwittergoogle-authentication-to-a-django-application/），我收到了以下错误消息。我已经在EC2-实例上托管了我的服务器，并且我有一个域http://(xyz).com。我也看到了这个问题的答案（Session value missing after redirect with django python-social-auth），但我没有得到任何帮助。

这是文本中的堆栈跟踪

 AuthStateMissing at /api/user/complete/google-oauth2/
Session value state missing.
Request Method: GET
Request URL:    http://interviewmiles.com:8000/api/user/complete/google-oauth2/?state=9Sa5JSkbcAbbGzBtqpx6jtbLCuJPe6kJ&code=4/c4VTig14u7THYLd1M4VoTRf1dnq58wp6S68EbkSwhZs&authuser=0&session_state=8aa4e419c219643dc264950a24151457677d99ae..b805&prompt=none
Django Version: 1.9.7
Exception Type: AuthStateMissing
Exception Value:    
Session value state missing.
Exception Location: /usr/local/lib/python2.7/site-packages/social/backends/oauth.py in validate_state, line 88
Python Executable:  /usr/bin/python
Python Version: 2.7.10
Python Path:    
['/home/ec2-user/interviewmiles/login',
 '/usr/local/lib/python2.7/site-packages/django_cors_headers-1.1.0-py2.7.egg',
 '/usr/lib64/python27.zip',
 '/usr/lib64/python2.7',
 '/usr/lib64/python2.7/plat-linux2',
 '/usr/lib64/python2.7/lib-tk',
 '/usr/lib64/python2.7/lib-old',
 '/usr/lib64/python2.7/lib-dynload',
 '/usr/local/lib64/python2.7/site-packages',
 '/usr/local/lib/python2.7/site-packages',
 '/usr/lib64/python2.7/site-packages',
 '/usr/lib/python2.7/site-packages',
 '/usr/lib64/python2.7/dist-packages',
 '/usr/lib64/python2.7/dist-packages/PIL',
 '/usr/lib/python2.7/dist-packages']

/usr/local/lib/python2.7/site-packages/django/core/handlers/base.py in get_response
                response = self.process_exception_by_middleware(e, request) ...

▶ Local vars
/usr/local/lib/python2.7/site-packages/django/core/handlers/base.py in get_response
                    response = wrapped_callback(request, *callback_args, **callback_kwargs) ...
▶ Local vars
/usr/local/lib/python2.7/site-packages/django/views/decorators/cache.py in _wrapped_view_func
        response = view_func(request, *args, **kwargs) ...
▶ Local vars
/usr/local/lib/python2.7/site-packages/django/views/decorators/csrf.py in wrapped_view
        return view_func(*args, **kwargs) ...
▶ Local vars
/usr/local/lib/python2.7/site-packages/social/apps/django_app/utils.py in wrapper
            return func(request, backend, *args, **kwargs) ...
▶ Local vars
/usr/local/lib/python2.7/site-packages/social/apps/django_app/views.py in complete
                       redirect_name=REDIRECT_FIELD_NAME, *args, **kwargs) ...
▶ Local vars
/usr/local/lib/python2.7/site-packages/social/actions.py in do_complete
        user = backend.complete(user=user, *args, **kwargs) ...
▶ Local vars
/usr/local/lib/python2.7/site-packages/social/backends/base.py in complete
        return self.auth_complete(*args, **kwargs) ...
▶ Local vars
/usr/local/lib/python2.7/site-packages/social/utils.py in wrapper
            return func(*args, **kwargs) ...
▶ Local vars
/usr/local/lib/python2.7/site-packages/social/backends/oauth.py in auth_complete
        state = self.validate_state() ...
▶ Local vars
/usr/local/lib/python2.7/site-packages/social/backends/oauth.py in validate_state
            raise AuthStateMissing(self, 'state')

Answer 1

我设法通过设置最终解决了这个问题

SOCIAL_AUTH_REDIRECT_IS_HTTPS = True

在我的settings.py文件中。

我的生产服务器使用nginx将HTTP重定向到HTTPS，这是导致会话状态丢失的原因。祝您好运-希望对您有帮助！

Answer 2

我通过设置

解决了这个问题

SOCIAL_AUTH_FIELDS_STORED_IN_SESSION = ['state']
SESSION_COOKIE_SECURE = False

在settings.py

中

Answer 3

我遇到这个问题是因为我在下面设置了 Django 配置。删除它解决了这个错误，我可以正常登录。

# DO NOT set this, it's what caused the error
SESSION_COOKIE_SAMESITE = "None"

我在 Django==3.1.8

python社交认证中缺少会话状态

3 个答案: