I am trying to make Django app work over https. It is using ajax and session authentication using csrf tokens. Login is working working fine but ajax request is failing without error message.
URL request of ajax has csrftoken, username and one input parameter.
Can somebody please help?
Check the console logs in the browser’s developer tools. Look at what the server is returning for the ajax calls. Also check the servers logs for the ajax request to see what the return code is.
Actually logs are not throwing any error. Request is not going to new API in https call. Everything works fine over http.
Does Django session authentication support https?
If yes, why authentication and session middlewares are rejecting https calls.
If you’re making AJAX calls from the browser, there are going to be records of it in the browser’s logs.
Actually, https is handled at a layer outside of Django. It’s either handled by the uwsgi container (or whatever app container you’re using), by Apache or nginx, or by a load balancer like haproxy.
How are you running your server?
I am using anaconda to run django server. i am running server with below command
python manage.py runsslserver -cert xxx -key yyy
I am able to login but sending ajax post request with csrfmiddlewaretoken is blocked.
Followed below tutorial for https
Any ideas why it is blocked or what troubleshooting steps i can take? Thanks
As identified earlier: