Django-多个端口上的会话 cookie 和站点
我有多个 Django 项目在一台服务器上运行,使用 gunicorn 和 nginx.目前,它们都被配置为使用 nginx 中的服务器指令在同一 IP 地址的唯一端口上运行。这一切都运行良好。
...
server {
listen 81;
server_name my.ip.x.x;
... #static hosting and reverse proxy to site1
}
server {
listen 84;
server_name my.ip.x.x;
... #static hosting and reverse proxy to site2
}
...
当我在 2 个选项卡中打开 2 个不同的项目时,我遇到了一个问题,我意识到我无法同时登录这两个站点(都使用内置的 Django 用户模型和身份验证)。在检查浏览器中保存的 cookie 后,我意识到 cookie 只绑定到域名(在我的例子中只是一个 IP 地址),并且不包括端口。
在第二个站点上,我尝试更改 SESSION_COOKIE_NAME 和SESSION_COOKIE_DOMAIN,但它似乎不起作用,并且在当前设置下我什至无法登录。
SESSION_COOKIE_DOMAIN = 'my.ip.x.x:84' #solution is to leave this as default
SESSION_COOKIE_NAME = 'site2' #just using this works
SESSION_COOKIE_PATH = '/' #solution is to leave this as default
#site1 is using all default values for these
我需要做什么才能让两个站点的 cookie 独立工作?
I have multiple Django projects running on one server using gunicorn and nginx. Currently they are each configured to run on a unique port of the same IP address using the server directive in nginx. All this works fine.
...
server {
listen 81;
server_name my.ip.x.x;
... #static hosting and reverse proxy to site1
}
server {
listen 84;
server_name my.ip.x.x;
... #static hosting and reverse proxy to site2
}
...
I came across a problem when I had 2 different projects open in 2 tabs and I realized that I could not be logged into both sites at once (both use the built-in Django User model and auth). Upon inspecting the cookies saved in my browser, I realized that the cookie is bound to just the domain name (in my case just an ip address) and it does not include the port.
On the second site, I tried changing SESSION_COOKIE_NAME annd SESSION_COOKIE_DOMAIN, but it doesn't seem to be working and with these current settings I can't even log in.
SESSION_COOKIE_DOMAIN = 'my.ip.x.x:84' #solution is to leave this as default
SESSION_COOKIE_NAME = 'site2' #just using this works
SESSION_COOKIE_PATH = '/' #solution is to leave this as default
#site1 is using all default values for these
What do I need to do to get cookies for both sites working independently?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
只需更改
SESSION_COOKIE_NAME即可。据了解,SESSION_COOKIE_DOMAIN不支持端口号。所以它们对于您的应用程序来说都是相同的。Just change the
SESSION_COOKIE_NAME. TheSESSION_COOKIE_DOMAINdoesn't support port numbers afaik. So they are all the same for your apps.另一种不需要为每个站点硬编码不同 cookie 名称的解决方案是编写一个中间件,根据请求传入的端口更改 cookie 名称。
这是一个简单的版本(只有几行代码)。
Another solution that doesn't require hard-coding different cookie names for each site is to write a middleware that changes the cookie name based on the port the request came in on.
Here's a simple version (just a few lines of code).