I'm a newbie at Django and simplejwt and I have encountered a problem. Tokens are being sent to me from our Angular frontend by the names of "app_token" and "access_token" but I cannot find a way to retrieve them in my Django code. I have tried names like "HTTP_APP_TOKEN" and "HTTP_ACCESS_TOKEN" and even had our frontend team rename the tokens but that didn't help as well. Does anyone have any ideas?
Asked
Active
Viewed 244 times
0
-
*by the names of "app_token" and "access_token"* - what does this mean? Do you mean field names in the request header? Ususally the token is sent in the "Authorization" header, e.g. Authorization Bearer
– jps Jun 02 '22 at 08:56 -
That's right, they're named that way in my request header. I don't know much about this issue and the more I search the more confused I get so I don't really know the reason why they chose not to send it in Authorization header. The tokens do have the "Bearer
" format tho. – Iduh Jun 02 '22 at 09:27 -
Are you using djangorestframwork-simplejwt? – Metalgear Jun 02 '22 at 12:55
-
Yes, David. I'm using djangorestframework-simplejwt. – Iduh Jun 02 '22 at 19:07
2 Answers
0
Since I don't have enough reputiation to add a comment yet, I want to make sure if you are using a nginx to forward your request. If yes, maybe follow answer will be helpful, otherwise, please comment me to delete.
By default Nginx ignores the headers with underscore. This can explain why your header property like app_token, access_token cannot pass to the backend.
1> You could set underscores_in_headers on in your nginx config.
2> Using header preperty without underscore.
paulL
- 1
- 2
0
You can get token from request; For example you protect views with IsAuthenticated permissions and you have a method name get in views
def get(self, request):
token = request.headers['Authorization']
# other code
If you have used simplejwt then token is passed like Bearer access_token from frontend as headers
Shishir Subedi
- 609
- 3
- 10