create httpOnly cookie in Angular and Django

Question

Am building an app using Django as the backend and Angular as the frontend. I understand that saving authentication token in httpOnly cookies is the safest, great. The real question is how do i do that. Been hearing around that i will need something like a middle man server to do that but i have not the slightest idea. Could anyone kindly point me in the right direction? I would be eternally grateful.

I've tried setting it on django that was when i realized it cannot be set across domain. So pls help

Angular 5
python 3.6
django 1.11

score 1 · Answer 1 · answered Jan 10 '18 at 18:41

1

In your settings.py file set SESSION_COOKIE_HTTPONLY=True

answered Jan 10 '18 at 18:41

Dash Winterson

1,197
8
19

thanks but the angular frontend and the django backend are on different domain so that won't work – phacic Jan 15 '18 at 15:16
I think you can set `SESSION_COOKIE_DOMAIN` to the angular sites domain – Dash Winterson Oct 14 '19 at 21:38

create httpOnly cookie in Angular and Django

1 Answers1