英文:
How to delete authentication token when logging out with react native?
问题
我正在使用Django Rest Framework和React Native作为前端。我尝试在前端用户注销时删除身份验证令牌。但显然,当注销函数触发时,令牌仍然存在。因为在Django管理面板中仍然存在该令牌。
所以对于注销,我有这个服务:
export const logoutRequest = async () => {
try {
const response = await fetch("http://192.168.1.65:8000/api/user/logout/");
await removeToken();
return await response.json();
} catch (error) {
console.log(error);
throw error;
}
};
和removeToken
函数:
export const removeToken = async () => {
try {
await AsyncStorage.removeItem("Token");
} catch (error) {
console.log("删除身份验证令牌失败:", error?.message);
}
};
所以当用户登录时,我看到在Django管理面板中创建了一个令牌。但是当用户在前端注销时,我在Django管理面板中看不到令牌已被删除。但是注销的API调用确实有效。我在Swagger中进行了测试,令牌已在Django管理面板中删除。
问题:如何在React Native中删除身份验证令牌?
当我在React Native中触发注销函数时,我在后端看到这个消息:
未经授权:/api/user/logout/
[25/May/2023 10:35:54] "GET /api/user/logout/ HTTP/1.1" 401 58
英文:
I am using django rest framework and react native for the front-end. I am trying to delete the authentication token when a user is logging out in the front-end. But apparently the token stil exist when the logout function is triggered. Because the token still exists in the django admin panel.
So for the logout I have this service:
export const logoutRequest = async () => {
try {
const response = await fetch("http://192.168.1.65:8000/api/user/logout/");
await removeToken();
return await response.json();
} catch (error) {
console.log(error);
throw error;
}
};
and removeToken:
export const removeToken = async () => {
try {
await AsyncStorage.removeItem("Token");
} catch (error) {
console.log("Renove authentication token failed :", error?.message);
}
};
So when a user logs in I see that a token is created in the django admin panel. But when a user logs out in the front-end I don't see in the django admin panel that the token has been removed. But the api call for the logout works. I tested this in swagger. The token has been removed in the django admin panel.
Question: how to remove the authentication token with react native?
When I trigger the log out function in react-native. I see this message in the backend:
Unauthorized: /api/user/logout/
[25/May/2023 10:35:54] "GET /api/user/logout/ HTTP/1.1" 401 58
答案1
得分: 1
为了正确注销Django应用程序,您的请求也应包含身份验证令牌,类似这样(不一定是这种方式,取决于您的实现):
const token = localStorage.getItem("authToken");
const response = await fetch("http://192.168.1.65:8000/api/user/logout/", {
withCredentials: true,
credentials: "include",
headers: {
"Authorization": `token ${token}`, // 根据您的实现可能会有类似这样的内容
},
});
没有它,Django应用程序不知道要注销哪个用户。
这就是为什么您会收到401 Unauthorized
错误。
英文:
To properly logout from the Django application, your request should include authentication token too, something like this (not necessarely this way, it depends on your implementation):
const token = localStorage.getItem("authToken");
const response = await fetch("http://192.168.1.65:8000/api/user/logout/", {
withCredentials: true,
credentials: "include",
headers: {
"Authorization": `token ${token}`, // Something like this, depending on your implementation
},
});
Without it, the Django application doesn't know which user to logout.
This is why you are getting the 401 Unauthorized
error.
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论