Question about Django cookie management (REST API) in a Flutter application. Is my system robust?

I'm starting in Flutter and I built an API with a login.
For authentication I get a cookie from my Django REST API. From my login POST request I store these cookies in my app.
cookie sample (1):

    {set-cookie: csrftoken=7IASHmHBDkqkFxPnYF5rRjEaT0hyd4cxSKHKx2ibnNmmYBBvX68gVKOSDjPZxPAB; expires=Tue, 25 Apr 2023 21:35:15 GMT; Max-Age=31449600; Path=/; SameSite=Lax,
    sessionid=05yj1bmg5ei7riw8glh13d0gmmw06jbq; expires=Tue, 26 Apr 2022 23:35:15 GMT; HttpOnly; Max-Age=7200; Path=/; SameSite=Lax, date: Tue, 26 Apr 2022 21:35:15 GMT, vary: Accept, Cookie, content-length: 0, referrer-policy: same-origin, cross-origin-opener-policy: same-origin, x-frame-options: DENY, x-content-type-options: nosniff, server: WSGIServer/0.2 CPython/3.10.2, allow: POST, OPTIONS}

Then to make a GET request I need to set a cookie of the form below.

    "csrftoken=MZ8YuHN7GaGPId6XEoHOmLJGCj5FrJFU1lElphAxWJVwq366rPoAyI3fOhcEK6ks; sessionid=7cwighx7vbpcoszfl5ltxy2jf32psjeh"

To then use it in a Response object from the Getx connect package:

    Response response = await get(appBaseUrl + uri, headers: {"Cookie": COOKIE});

So I manage to transform my cookie sample (1) into the right shape.
I would have liked to know if my system below is robust because it only needs to change a little bit and nothing will work anymore.
Do you have another solution to advise me?

    Future<ResponseModel> login(String username, String password) async {
      _isLoading = true;
      update();
      Response response = await authRepo.login(username, password);
      late ResponseModel responseModel;
      if (response.statusCode == 202) {
        print(response.headers);
        print("the header set cookie " + response.headers!["set-cookie"].toString());
        String setcookie = response.headers!["set-cookie"].toString();
        // Split the header on ';', then split each piece on ','.
        List<String> list_setcookie = setcookie.split(';');
        var list_list_setcookie = [];
        var item_setcookie = "";
        for (var i = 0; i < list_setcookie.length; i++) {
          List<String> a = list_setcookie[i].split(',');
          list_list_setcookie.add(a);
        }
        var csrftoken = "";
        var sessionid = "";
        // Pick the two cookies by their fixed position in the split result.
        sessionid = list_list_setcookie[4][1];
        csrftoken = list_list_setcookie[0][0];
        var cookie = "";
        cookie = csrftoken + ";" + sessionid;
        print(cookie);
        AppConstants.COOKIE = cookie;
        authRepo.saveUserToken(response.headers!["set-cookie"].toString());
        authRepo.saveUserHeaders(response.headers);
        print("the saved cookie is : " + AppConstants.COOKIE);
        responseModel = ResponseModel(true, response.headers!["set-cookie"].toString());
      } else {
        responseModel = ResponseModel(false, response.statusText!);
      }
      _isLoading = false;
      update();
      return responseModel;
    }

Thanks a lot!
Gum
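
One way to build the `Cookie` header by cookie name instead of by list position, as an added example that is not part of the original post. It assumes the client returns all `Set-Cookie` values folded into one comma-joined string, as in sample (1); `splitSetCookie`, `parseCookies` and `buildCookieHeader` are hypothetical names.

```dart
// Added example, not the poster's code; all function names are hypothetical.

/// Splits a folded Set-Cookie value into one string per cookie. A comma is a
/// boundary only when followed by `name=`; the comma in
/// `expires=Tue, 25 Apr 2023 ...` is followed by a day number, so it is kept.
List<String> splitSetCookie(String header) {
  final boundary = RegExp(r",\s*(?=[A-Za-z0-9!#$%&'*+.^_`|~-]+=)");
  return header.split(boundary).map((c) => c.trim()).toList();
}

/// Maps cookie name -> value, ignoring attributes such as expires or Path.
Map<String, String> parseCookies(String header) {
  final cookies = <String, String>{};
  for (final cookie in splitSetCookie(header)) {
    final pair = cookie.split(';').first.trim();
    final eq = pair.indexOf('=');
    if (eq <= 0) continue; // no name or no '=': skip the malformed entry
    cookies[pair.substring(0, eq)] = pair.substring(eq + 1);
  }
  return cookies;
}

/// Builds the Cookie request header from the named cookies. Throws when one is
/// missing, so a changed server response fails loudly instead of silently
/// sending the wrong value.
String buildCookieHeader(String setCookie, List<String> names) {
  final cookies = parseCookies(setCookie);
  return names.map((n) {
    final v = cookies[n];
    if (v == null) throw FormatException('cookie "$n" not in Set-Cookie');
    return '$n=$v';
  }).join('; ');
}

void main() {
  // Constructed sample in the shape of the response shown in the question.
  const sample = 'csrftoken=CONSTRUCTED-CSRF; '
      'expires=Tue, 25 Apr 2023 21:35:15 GMT; Max-Age=31449600; Path=/; '
      'SameSite=Lax,sessionid=CONSTRUCTED-SESSION; '
      'expires=Tue, 26 Apr 2022 23:35:15 GMT; HttpOnly; Max-Age=7200; Path=/; '
      'SameSite=Lax';
  final header = buildCookieHeader(sample, ['csrftoken', 'sessionid']);
  // Report only the count: the session value should not reach the logs.
  print('Cookie header built from ${header.split("; ").length} cookies');
}
```

Because the lookup is by name, a reordered or extended `Set-Cookie` response still yields the same `Cookie` header, and a missing `sessionid` raises an error at login rather than on a later request.
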
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
