0

I have a project that used to run under WSGI, and I recently configured it to ASGI. It included code from back then, such as the following function that processes a login request:

def authenticate(req):
    ...
    try:
        query = models.User.objects.get(...)
        req.session['user'] = query.id #Login successful
        ...
    except:
        #No record, reject request
        ...

What I want to do now is to create a WebsocketConsumer and access the session from within. I have enabled SessionMiddlewareStack. The problem is that the consumer does not even see the session because the session's ID is not attached to the WebSocket request as a header. Is there a way to allow it to access the data?

class SpaceConsumer(WebsocketConsumer):
    def connect(self):
        #Session object is empty, while HTTP requests see it as populated with the user's ID
        if 'user' in self.scope['session']: 
            self.accept() #Only allow authenticated user

Information online is scarce, and most are written for older versions of Channels. I am using Channels v3.

OddBirdStanley
  • 1

1 Answers1

0

Never mind; it was a stupid mistake.

In case other people come here in the future with the same confusion, here is a reference to a solution: Use session data on websocket handshake.

The domain with which you create a Websocket connection must match that of your page. In my case, I opened the application using 127.0.0.1 but connected to WS using localhost. As a result, the cookies were not exposed.

Channels provides access to session objects just fine.

OddBirdStanley
  • 1