
Commit e8f621c

authored
Merge: 소셜로그인시 csrf, 세션획득하는 부분 추가
[inspection] 소셜로그인시 csrf, 세션획득하는 부분 추가
2 parents 5d7f839 + 42ca3fd commit e8f621c


1 file changed

+10
-2
lines changed

1 file changed

+10
-2
lines changed

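--- a/apps/user/views.py
+++ b/apps/user/views.py
@@ -8,8 +8,10 @@
 from dj_rest_auth.utils import jwt_encode
 from dj_rest_auth.views import LoginView
 from django.conf import settings
+from django.contrib.auth import login
 from django.core.cache import cache
 from django.core.files.base import ContentFile
+from django.middleware.csrf import get_token
 from django.utils import timezone
 from drf_spectacular.utils import extend_schema, inline_serializer
 from rest_framework import permissions, serializers, status
@@ -214,7 +216,7 @@ def get_profile(self, access_token: str, provider_info: dict[str, Any]) -> reque
 },
 )
 
-def login_process_user(self, profile_res_data: dict[str, Any], provider_info: dict[str, Any]) -> Response:
+def login_process_user(self, request: Request, profile_res_data: dict[str, Any], provider_info: dict[str, Any]) -> Response:
 # 각 provider의 프로필 데이터 처리 로직
 email = profile_res_data.get(provider_info["email_field"])
 nickname = profile_res_data.get(provider_info["nickname_field"])
@@ -239,6 +241,9 @@ def login_process_user(self, profile_res_data: dict[str, Any], provider_info: di
 except Account.DoesNotExist:
 user = self.create_user(email=email, nickname=nickname, profile_img_url=profile_img_url, provider_info=provider_info) # type: ignore
 
+# 로그인해서 세션획득
+login(request, user)
+
 access_token, refresh_token = jwt_encode(user)
 response_data = {
 "access": str(access_token),
@@ -248,7 +253,10 @@ def login_process_user(self, profile_res_data: dict[str, Any], provider_info: di
 }
 if user.profile_img:
 response_data["profile_image"] = user.profile_img.url
-return Response(response_data, status=status.HTTP_200_OK)
+# set_cookie csrftoken
+response = Response(response_data, status=status.HTTP_200_OK)
+response.set_cookie("csrftoken", get_token(request))
+return response
 
 def create_user(
 self, email: str, nickname: str, profile_img_url: Optional[str], provider_info: dict[str, Any]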
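Review bot: The new `response.set_cookie("csrftoken", get_token(request))` at the end of `login_process_user` hard-codes the cookie name and passes none of the attributes Django takes from settings, so the cookie goes out without `Secure` or `SameSite` even if the project configures them. If `CsrfViewMiddleware` is installed, calling `get_token(request)` is already enough for the middleware to set the cookie with the configured attributes, which would make the manual call redundant. If it is not installed, set them explicitly: `response.set_cookie(settings.CSRF_COOKIE_NAME, get_token(request), secure=settings.CSRF_COOKIE_SECURE, samesite=settings.CSRF_COOKIE_SAMESITE)`. Separately, `login(request, user)` raises `ValueError` when more than one authentication backend is configured and the user object has no `backend` attribute; the settings are not visible here, so confirm this or pass `backend=` explicitly. Parts of `login_process_user` fall between the hunks and are not shown.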
