我的问题是误解了一些Django身份验证过程，忘记清除cookie，以及drf_firebase_auth包不支持cookie身份验证

为了在使用drf_firebase_auth时支持cookie身份验证，我扩展了包并重写了get_token函数。修改了get_token函数，以便在找不到授权标头时查找授权cookie

这样做对吗

import  sys, os

import drf_firebase_auth.authentication

from drf_firebase_auth.settings import api_settings
from drf_firebase_auth.settings import api_settings
from rest_framework import (
    authentication,
    exceptions
)
from django.utils.encoding import smart_text

class FirebaseCookieAuthentication (drf_firebase_auth.authentication.FirebaseAuthentication):

    def get_token(self, request):
        """
        Parse Authorization header and retrieve JWT
        """
        authorization_header = \
            authentication.get_authorization_header(request).split()
        auth_header_prefix = api_settings.FIREBASE_AUTH_HEADER_PREFIX.lower()

        #changed code begins

        if not authorization_header or len (authorization_header) != 2:
            for k, v in request.COOKIES.items():
                if k.lower() == "authorization":
                    authorization_header = v.split (' ', 1)
                    break

        #changed code ends

        if not authorization_header or len(authorization_header) != 2:
            raise exceptions.AuthenticationFailed(
                'Invalid Authorization header format, expecting: JWT <token>.'
            )

        if smart_text(authorization_header[0].lower()) != auth_header_prefix:
            raise exceptions.AuthenticationFailed(
                'Invalid Authorization header prefix, expecting: JWT.'
            )

        return authorization_header[1]

谢谢