Create Django Session From Token
You could simply put the Token into a cookie.
That way, it will be send to the server automatically by the browser, and you could use it for authentication when the user accesses a downloadable file directly.
Instead of reading the Authorization:
header, tell your Django middleware to read the token string from the cookie.
I would like to have more information about this topic.
I also get a token from django but everytime i refresh the page the user as to login again. i would like to keep it in a cookie to let the user make requests even if he closes the browser.
I also want to secure it with csrf protection but i dont know how to do it.also, having the token as plain text in a cookie is it secure?I have a lot of doubt about this process.
I am using django as backend API and reactjs as frontend.
How to make django generate the cookie and the csrf cookie?
1) I want to be able to use the token to authenticate from the browser to my website (
2) I want to use this api for a mobile app as well? so creating a cookie, does it create a conflict during the mobile app authentication?