如何在使用React Native登出时删除身份验证令牌?

huangapple go评论75阅读模式
英文:

How to delete authentication token when logging out with react native?

问题

我正在使用Django Rest Framework和React Native作为前端。我尝试在前端用户注销时删除身份验证令牌。但显然,当注销函数触发时,令牌仍然存在。因为在Django管理面板中仍然存在该令牌。

所以对于注销,我有这个服务:

export const logoutRequest = async () => {
	try {
		const response = await fetch("http://192.168.1.65:8000/api/user/logout/");
		await removeToken();
		return await response.json();
	} catch (error) {
		console.log(error);
		throw error;
	}
};

removeToken函数:

export const removeToken = async () => {
	try {
		await AsyncStorage.removeItem("Token");
	} catch (error) {
		console.log("删除身份验证令牌失败:", error?.message);
	}
};

所以当用户登录时,我看到在Django管理面板中创建了一个令牌。但是当用户在前端注销时,我在Django管理面板中看不到令牌已被删除。但是注销的API调用确实有效。我在Swagger中进行了测试,令牌已在Django管理面板中删除。

问题:如何在React Native中删除身份验证令牌?

当我在React Native中触发注销函数时,我在后端看到这个消息:

未经授权:/api/user/logout/
[25/May/2023 10:35:54] "GET /api/user/logout/ HTTP/1.1" 401 58
英文:

I am using django rest framework and react native for the front-end. I am trying to delete the authentication token when a user is logging out in the front-end. But apparently the token stil exist when the logout function is triggered. Because the token still exists in the django admin panel.

So for the logout I have this service:

export const logoutRequest = async () => {
	try {
		const response = await fetch("http://192.168.1.65:8000/api/user/logout/");
		await removeToken();
		return await response.json();
	} catch (error) {
		console.log(error);
		throw error;
	}
};

and removeToken:

export const removeToken = async () => {
	try {
		await AsyncStorage.removeItem("Token");
	} catch (error) {
		console.log("Renove authentication token failed :", error?.message);
	}
};

So when a user logs in I see that a token is created in the django admin panel. But when a user logs out in the front-end I don't see in the django admin panel that the token has been removed. But the api call for the logout works. I tested this in swagger. The token has been removed in the django admin panel.

Question: how to remove the authentication token with react native?

When I trigger the log out function in react-native. I see this message in the backend:

Unauthorized: /api/user/logout/
[25/May/2023 10:35:54] "GET /api/user/logout/ HTTP/1.1" 401 58

答案1

得分: 1

为了正确注销Django应用程序,您的请求也应包含身份验证令牌,类似这样(不一定是这种方式,取决于您的实现):

const token = localStorage.getItem("authToken");
const response = await fetch("http://192.168.1.65:8000/api/user/logout/", {
  withCredentials: true,
  credentials: "include",
  headers: {
    "Authorization": `token ${token}`, // 根据您的实现可能会有类似这样的内容
  },
});

没有它,Django应用程序不知道要注销哪个用户。

这就是为什么您会收到401 Unauthorized错误。

英文:

To properly logout from the Django application, your request should include authentication token too, something like this (not necessarely this way, it depends on your implementation):

const token = localStorage.getItem("authToken");
const response = await fetch("http://192.168.1.65:8000/api/user/logout/", {
  withCredentials: true,
  credentials: "include",
  headers: {
    "Authorization": `token ${token}`, // Something like this, depending on your implementation
  },
});

Without it, the Django application doesn't know which user to logout.

This is why you are getting the 401 Unauthorized error.

huangapple
  • 本文由 发表于 2023年5月25日 15:45:14
  • 转载请务必保留本文链接:https://go.coder-hub.com/76329972.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定