Apache, Nginx, WSGI, django cookies get lost.

Posted by Jack M. on Stack Overflow See other posts from Stack Overflow or by Jack M.
Published on 2010-03-22T19:33:19Z Indexed on 2010/03/22 19:41 UTC
Read the original article Hit count: 1141

Filed under:
|
|
|
|

I'm running into a problem trying to get a Django application running in my staging environment. I'm running nginx as a reverse proxy with Apache 2.2/mod_wsgi as the target, and my Django app behind that. The problem is that the cookies are getting lost somewhere between nginx and Apache.

My nginx.conf (ripped out a few locations to keep it small):

http {
    gzip  on;

    proxy_set_header        Host            $host;
    proxy_set_header        X-Real-IP       $remote_addr;
    proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_pass_header       Set-Cookie;

    upstream django {
        server 127.0.0.1:8080;
    }

    server {
        listen       80;
        server_name  encendio.iigins.com;
        location / {
            proxy_pass  http://django;
        }
    }
}

My Apache vhosts file:

<VirtualHost *:8080>
    ServerName encendio.test.com
    ServerAdmin [email protected]
    DocumentRoot "/usr/local/www/apache22/data"
    WSGIScriptAlias / /usr/local/www/apache22/data/sasquatch/wsgi_handler.py
</VirtualHost>

If I directly to http://encendio.test.com:8080/ the cookies work and I can log into the admin area. If I log into http://encendio.test.com/, the admin area tells me my browser isn't using cookies.

Now things get kind of weird.
I went so far as to look at the environ being passed into my wsgi_handler.py:

_application = django.core.handlers.wsgi.WSGIHandler()
def application(environ, start_response):
    print >> sys.stderr, environ.get('HTTP_COOKIE', "No Cookie")
    return _application(environ, start_response)

It shows the cookie existing in the environment:

[Mon Mar 22 12:15:50 2010] [error] csrftoken=9f2569elkj67984242f0e7a6dea0b791; sessionid=4e5432hjkds8603f26d5ffa02b10cd27

And this cookie matches up with what I see in nginx's log if I plug in $http_cookie on the end of the log. So Apache is getting the cookie in some form, but it's not ending up where Django can see it.

I'm at my wit's end for why this isn't working, so any help is greatly appreciated.

Ninja Edit:
I forgot to mention that Firefox is seeing the cookies. The oddity is that every time I attempt to log in, I get a new sessionid.

© Stack Overflow or respective owner

Related posts about apache

Related posts about mod-wsgi