Django DRF: Not receiving refresh token cookie in TokenRefreshView
I'm working on a Django REST Framework project with JWT authentication. I'm trying to implement a token refresh mechanism using HTTP-only cookies, but I'm having trouble receiving the refresh token cookie in my TokenRefreshView.The token set in the SignIn view
Here's my SignIn view where I set the cookie:
class SignIn(viewsets.ViewSet):
def post(self, request):
# ... authentication logic ...
if user.check_password(password) and user.is_active:
token = RefreshToken.for_user(user)
context = {
"detail": "Sign in successful",
"user": user_data,
"token": str(token.access_token),
}
response = Response(context, status=status.HTTP_200_OK)
response.set_cookie(
"refresh_token",
str(token),
httponly=True,
max_age=settings.SIMPLE_JWT["REFRESH_TOKEN_LIFE_TIME"].total_seconds(),
)
return response
Here is my token refresh view
class TokenRefreshView(viewsets.ViewSet):
def post(self, request):
refresh_token = request.COOKIES.get("refresh_token")
print(request.COOKIES) # This prints an empty dict
print("refresh", refresh_token) # This prints "refresh None"
if not refresh_token:
return Response(
{"error": "Refresh token not found"},
status=status.HTTP_404_NOT_FOUND,
)
# ... rest of the view ...
Axios configuration
axios.defaults.withCredentials = true;