6

I am trying the method in the answer here. Something like this:

url = 'https://InternalURL'
token = 'api token here'
response = redirect(url)
response['Token'] = token
return response

This code lives in a view that is called when clicking a link in a template. Some things are performed to build the correct url & get the api token prior to this code.

If I inspect the requests through Fiddler, the first redirect that has the 302 status code contains the headers I set. But the subsequent request that attempts to navigate to the actual url I want to redirect to, the headers I need are not set.

Obviously that results in the request failing since the authentication token doesn't exist in the header.

Am I completely missing something obvious? Is there a better way to do this? Thank you in advance for any help!

Community
  • 1
  • 1
deadline123
  • 61
  • 1
  • 2
  • Well that's an http concept problem I think. If you set a header in the response that is not a cookie, your client must set it manually again. – Alvaro Jun 06 '16 at 16:44
  • Hmm.. So do you perhaps have any suggestions on how to accomplish that, or go about this a different way? – deadline123 Jun 07 '16 at 18:07
  • set it as a cookie with `set_cookie` see this answer: http://stackoverflow.com/questions/1622793/django-cookies-how-can-i-set-them – Alvaro Jun 08 '16 at 17:22

1 Answers1

0

try the code below, It worked for me

 base_url = '/dashboard/'  # 1 /<redirect-route>
 query_string =  urlencode({'token': jwt.encode(payload, "SECRET PHRASE")})  # 2 token=jwt-token
 url = '{}?{}'.format(base_url, query_string)  # 3 /<redirect-route>/?token=jwt-token
        return redirect(url)

And you can retrieve at the view like

token = request.GET.get('token')

I don't know if it is the best way, but yes it worked in my case.

Developer
  • 107
  • 7