当登录到被禁止的 django 服务器时(未设置 CSRF cookie。):/admin/login/

问题描述 投票:0回答:0

该网站是实时的并且托管在远程服务器(aws ec2)上但是当我尝试登录到 django 管理员时它给出了错误。

登录 django admin 时出错

我已经浏览过之前的 SO 帖子,但他们没有帮助我修复:

设置.py

IP_ADDRESS = "HERE_WILL_BE_THE_IP_ADDRESS"

ALLOWED_HOSTS = [IP_ADDRESS, f"{IP_ADDRESS}:8000"]
CSRF_TRUSTED_ORIGINS = [f"http://{IP_ADDRESS}:8000/", f"http://{IP_ADDRESS}/", "http://127.0.0.1/", "http://127.0.0.1:8000/", "http://*.127.0.0.1/"]

INSTALLED_APPS = [
    "django.contrib.admin",
    "django.contrib.auth",
    "django.contrib.contenttypes",
    "django.contrib.sessions",
    "django.contrib.messages",
    "django.contrib.staticfiles",
    "users",
    "django.contrib.sites",
    "allauth",
    "allauth.account",
    "allauth.socialaccount",
    "allauth.socialaccount.providers.google",
]

MIDDLEWARE = [
    "django.middleware.security.SecurityMiddleware",
    "django.contrib.sessions.middleware.SessionMiddleware",
    "django.middleware.common.CommonMiddleware",
    "django.middleware.csrf.CsrfViewMiddleware",
    "django.contrib.auth.middleware.AuthenticationMiddleware",
    "django.contrib.messages.middleware.MessageMiddleware",
    "django.middleware.clickjacking.XFrameOptionsMiddleware",
]

SECURE_REFERRER_POLICY = "no-referrer-when-downgrade"

CSRF_COOKIE_SECURE = True
SESSION_COOKIE_SECURE = False
CSRF_COOKIE_SAMESITE = 'None'
SESSION_COOKIE_SAMESITE = 'None'

# SMTP CONFIGURATION

EMAIL_BACKEND = "django.core.mail.backends.smtp.EmailBackend"
EMAIL_HOST = 'smtp.gmail.com'
EMAIL_PORT = 587
EMAIL_USE_TLS = True
EMAIL_HOST_USER = PRO_SETTINGS["email_address"]
EMAIL_HOST_PASSWORD = PRO_SETTINGS["email_pass"]

LOGIN_URL = 'login'

AUTHENTICATION_BACKENDS = [
    'django.contrib.auth.backends.ModelBackend',
    'allauth.account.auth_backends.AuthenticationBackend'
]

SOCIALACCOUNT_LOGIN_ON_GET = True

SOCIALACCOUNT_PROVIDERS = {
    'google': {
        'SCOPE': [
            'profile',
            'email',
        ],
        'AUTH_PARAMS': {
            'access_type': 'online',
        },
        'OAUTH_PKCE_ENABLED': True,
    }
}

管理员登录在本地机器上完全正常,但在部署的服务器上显示错误。

网站上线我可以查看网站但无法登录 django 管理页面。

python django apache2 csrf django-csrf
© www.soinside.com 2019 - 2024. All rights reserved.