Django 400 Bad request after pulling update from Github - python

I had a working page running Django with channels via Nginx, Daphne, Redis, and Gunicorn. After pulling an update from Github my index page now shows "Bad Request (400)" with nothing helpful in the console except for missing favicon. My settings.py has DEBUG = False and ALLOWED_HOSTS = ['AWS_IP']. Can anyone help me figure out what might be causing this?

Related

Google Auth not working on Heroku for a flask/react app

I am trying to implement GoogleAuth on my app, and although it works on localhost, the GoogleAuth does not work on Heroku. When I click on Login with Google on the signup page it says this, Error 400: redirect_uri_mismatch... If you’re the app developer, make sure that these request details comply with Google policies. origin: https://astrogram-jeff.herokuapp.com and if I do it from the login it says this Error 401: invalid_client The OAuth client was not found. None of this is a problem on localhost but I ran out of ideas on what to do to fix this. I have added the ID and the secret key on the config vars on heroku, and I added https://astrogram-jeff.herokuapp.com on the JavaScript Origins and the redirect URIs, but it just does not work, the OAuth Consent Screen is also in Production so I just cannot figure out what's wrong. The Google Info is also on a .env. Any help would be greatly appreciated.
Repo: https://github.com/JeffersonGarcia15/Astrogram
Live: https://astrogram-jeff.herokuapp.com
There is an issue that when you switch from login-signup sometimes the button seems to be disabled but refreshing the page enables it again, but that's not really the main concern, the main problem is GoogleAuth not working on Heroku despite the fact that it does work on localhost. This is a Flask/PostgreSQL/SQLAlchemy/React/Redux app.

Flask WTF error - CSRF session token is missing (but actually not)

Currently trying to fix this issue, I have browsed many posts but still cannot solve this problem hence this message to the community :)
I am creating a dev/test environment for a Flask based website and I have to duplicate the current website into a subdomain, such as from mydomain.com to dev.mydomain.com and so on for the additional related services such as elastic search (e.g. from es.mydomain.com to es-dev.mydomain.com).
So here I am, I deployed everything through Nginx, the main website dev.mydomain.com and all services run and are accessible. BUT I cannot log in to Flask which throws me an error 400 missing CSRF session token when there is actually 2 session tokens ... it seems that 1 duplicate is created in the form submission process as the cookie holds 2 session keys.
Before form submission
Original cookie keys: _ga=...; _gid=...; session=...
Dev cookie keys: session=...; Domain=.dev.mydomain.com; Secure; HttpOnly; Path=/
After form submission
Original website cookie keys: _ga=...; _gid=...; session=...
Dev website cookie keys: _ga=...; _gid=...; session=...; session=...
CSRF is enabled for the whole app via csrf.init_app(app) and my Flask config is:
SECRET_KEY = os.getenv("SECRET_KEY")
SESSION_COOKIE_SECURE = True
SESSION_COOKIE_HTTPONLY = True
REMEMBER_COOKIE_SECURE = True
REMEMBER_COOKIE_HTTPONLY = True
I'm trying different config flavors but no improvement so far ...
Some help would be appreciated as always, thank you in advance :)
For the record, one just needs to set the SESSION_COOKIE_NAME configuration parameter to solve that problem.
Cf. https://flask.palletsprojects.com/en/1.1.x/config/#SESSION_COOKIE_NAME
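The collision described in this question, modelled as an added example (not code from the post or from Flask): browser cookie scoping sends a parent-domain `session` cookie to the dev subdomain alongside the dev site's own, and a distinct cookie name removes the clash. That the production cookie is scoped to the parent domain, and the name `dev_session`, are assumptions; the jar values are constructed.

```python
from dataclasses import dataclass


@dataclass
class Cookie:
    name: str
    value: str
    domain: str      # Domain attribute, or the setting host when host_only
    host_only: bool  # True when the server sent no Domain attribute


def domain_match(host, cookie):
    """RFC 6265 domain matching: exact host, or a parent domain when not host-only."""
    domain = cookie.domain.lstrip(".").lower()
    host = host.lower()
    if cookie.host_only:
        return host == domain
    return host == domain or host.endswith("." + domain)


def cookie_header(host, jar):
    """Build the Cookie header a browser would send to `host`."""
    return "; ".join(f"{c.name}={c.value}" for c in jar if domain_match(host, c))


def duplicate_names(header):
    """Return cookie names that occur more than once in a Cookie header."""
    seen, dups = set(), []
    for pair in header.split(";"):
        name = pair.strip().partition("=")[0]
        if name in seen and name not in dups:
            dups.append(name)
        seen.add(name)
    return dups


# Constructed jar: production cookies scoped to the parent domain (assumption),
# dev cookie scoped as shown in the post.
PROD = [Cookie("_ga", "GA1", "mydomain.com", False),
        Cookie("session", "prod-signed", "mydomain.com", False)]
DEV_DEFAULT = Cookie("session", "dev-signed", "dev.mydomain.com", False)
DEV_RENAMED = Cookie("dev_session", "dev-signed", "dev.mydomain.com", False)  # hypothetical name

if __name__ == "__main__":
    for dev in (DEV_DEFAULT, DEV_RENAMED):
        header = cookie_header("dev.mydomain.com", PROD + [dev])
        print(header, "-> duplicates:", duplicate_names(header))
```

In the Flask dev config the rename corresponds to setting SESSION_COOKIE_NAME to a value that differs from the production site's.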

Django: Adding social authentication to site

I'm a beginner in Django and I'm studying Django from the book "Django 2 by Example", written by Antonio Mele. I'm trying to add social authentication to my site (book page no. 251) {project name-bookmark, app name-account}. Up to this point, I've installed the Django package
"social-auth-app-django",
synced python-social-auth models with database using migration and added "social_django" to the INSTALLED_APPS settings of my project. Then I've added
path('social-auth/', include('social_django.urls', namespace='social')),
now it is telling me to edit my hosts file located at "C:\Windows\System32\Drivers\etc\hosts" and to add "127.0.0.1 mysite.com" line which I've added. After this running server "http://example.com:8000/account/login/" should give error, here example.com is actually mysite.com,
DisallowedHost at /account/login:
Invalid HTTP_HOST header:'mysite.com:8000'.You may need to add 'mysite.com' to ALLOWED_HOSTS.
But I don't know why it isn't showing instead of that it gives me "This site can’t be reached. mysite.com refused to connect."
But it works perfectly fine at 127.0.0.1:8000.
Please help me I'm stuck. I've searched on google as well as watched videos on youtube but still, this error can't be solved(generated) by me.
Edit the hosts file in your etc folder.
Don't add the # on the line that contains your new line adding mysite.com

social_django, redirect_uri is incorrect, vk backend

After migration from python-social-auth to split social according to this file I get 401 error (DEBUG=False) when somebody wants to sign in using VK backend.
401 Client Error: Unauthorized for url: https://oauth.vk.com/access_token
Exception Location: /usr/local/lib/python3.5/dist-packages/requests/models.py in raise_for_status, line 844
What I have tried so far:
I have tried to reset VK app keys and change them in settings.
Also I have checked the redirect URI's in VK app and they are the same as in the request.
I think the problem is not with VK app setup but most probably in missing settings inside of split social Django app. Any ideas are welcome!
The issue was solved after
I had two redirect URI's in my VK app settings. (one with "www", another without) I have removed one.
I added again 'social.apps.django_app.default' into the settings.py

django's ALLOWED_HOSTS throws error 500?

In my Django project's settings.py for deployment I want mywebsite.com to be the allowed hosts but putting it so throws the 500 error.
For production server when I use:
ALLOWED_HOSTS = ['localhost', 'mywebsite.com']
It throws error 500 on every page.
But if I change it to
ALLOWED_HOSTS = ['*']
It works fine.
I checked error.log of nginx but there is no error logged.
But I guess it's not safe to keep * and I just want to keep mywebsite.com or www.mywebsite.com
Please suggest why it's throwing 500 error.
Thanks
Probably a duplicate of Allowed Host Setting for Django on EC2 where I can find the answer working fine (as they have accepted it). Please try it like this and check if this works.
ALLOWED_HOSTS = ['.mywebsite.com']
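The matching rules behind the ALLOWED_HOSTS questions on this page, as an added example: a stand-alone re-implementation of Django's documented behaviour (exact match, leading-dot subdomain wildcard, `*`), not Django's own code. It can be used to check a candidate setting against the Host headers a deployment expects to receive; the sample headers are constructed, and IPv6 literals are not handled.

```python
def normalize_host(header):
    """Lowercase a Host header value; strip an optional :port and a trailing dot."""
    host = header.strip().lower()
    name, sep, port = host.rpartition(":")
    if sep and port.isdigit():
        host = name
    return host[:-1] if host.endswith(".") else host


def pattern_matches(host, pattern):
    """Apply one ALLOWED_HOSTS entry to an already normalized host."""
    pattern = pattern.lower()
    if pattern == "*":
        return True  # matches anything: Host validation is effectively off
    if pattern.startswith("."):
        # '.example.com' covers example.com and every subdomain of it
        return host == pattern[1:] or host.endswith(pattern)
    return host == pattern


def host_allowed(header, allowed_hosts):
    host = normalize_host(header)
    return any(pattern_matches(host, p) for p in allowed_hosts)


def rejected(headers, allowed_hosts):
    """Return the Host headers that the setting would refuse."""
    return [h for h in headers if not host_allowed(h, allowed_hosts)]


# Constructed Host headers a browser or proxy might send for this site.
EXPECTED = ["mywebsite.com", "www.mywebsite.com", "WWW.MyWebsite.com:443"]

if __name__ == "__main__":
    for setting in (["localhost", "mywebsite.com"], [".mywebsite.com"], ["*"]):
        print(setting, "rejects", rejected(EXPECTED + ["notmywebsite.com"], setting))
```

A Host header that matches no entry raises DisallowedHost, which Django answers with "Bad Request (400)" when DEBUG = False; an entry must therefore equal the name or IP address the client actually uses.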
