如何在phoenix中使用与会话的连接? [英] How to use connection with session in phoenix?

问题描述

我有一个身份验证插件，我想测试我的控制器.问题在于此插头中的行具有

I have an authentication plug and I want to test my controllers. The problem is that the line in this plug has

user_id = get_session(conn, :user_id)

当我使用这种方法时，它总是为零(我以前使用过脏技巧，但是我不再想要这样做):

And it's always nil when I'm using this method (I used dirty hack before, but I no longer want to do it):

  @session  Plug.Session.init([
    store:            :cookie,
    key:              "_app",
    encryption_salt:  "secret",
    signing_salt:     "secret",
    encrypt:          false
  ])

user = MyApp.Factory.create(:user)

conn()
|> put_req_header("accept", "application/vnd.api+json")
|> put_req_header("content-type", "application/vnd.api+json")
|> Map.put(:secret_key_base, String.duplicate("abcdefgh", 8))
|> Plug.Session.call(@session)
|> fetch_session
|> put_session(:user_id, user.id)

我正在使用此conn发送补丁请求，其会话user_id为nil.我的插件中IO.puts conn的结果:

I'm sending a patch request using this conn, and its session user_id is nil. Results of IO.puts conn in my plug:

%Plug.Conn{adapter: {Plug.Adapters.Test.Conn, :...}, assigns: %{},
 before_send: [#Function<0.111117999/1 in Plug.Session.before_send/2>,
  #Function<0.110103833/1 in JaSerializer.ContentTypeNegotiation.set_content_type/2>,
  #Function<1.55011211/1 in Plug.Logger.call/2>,
  #Function<0.111117999/1 in Plug.Session.before_send/2>], body_params: %{},
 cookies: %{}, halted: false, host: "www.example.com", method: "PATCH",
 owner: #PID<0.349.0>,
 params: %{"data" => %{"attributes" => %{"action" => "start"}}, "id" => "245"},
 path_info: ["api", "tasks", "245"], peer: {{127, 0, 0, 1}, 111317}, port: 80,
 private: %{MyApp.Router => {[], %{}}, :phoenix_endpoint => MyApp.Endpoint,
   :phoenix_format => "json-api", :phoenix_pipelines => [:api],
   :phoenix_recycled => true,
   :phoenix_route => #Function<4.15522358/1 in MyApp.Router.match_route/4>,
   :phoenix_router => MyApp.Router, :plug_session => %{},
   :plug_session_fetch => :done, :plug_session_info => :write,
   :plug_skip_csrf_protection => true}, query_params: %{}, query_string: "",
 remote_ip: {127, 0, 0, 1}, req_cookies: %{},
 req_headers: [{"accept", "application/vnd.api+json"},
  {"content-type", "application/vnd.api+json"}], request_path: "/api/tasks/245",
 resp_body: nil, resp_cookies: %{},
 resp_headers: [{"cache-control", "max-age=0, private, must-revalidate"},
  {"x-request-id", "d00tun3s9d7fo2ah2klnhafvt3ks4pbj"}], scheme: :http,
 script_name: [],
 secret_key_base: "npvJ1fWodIYzJ2eNnJmC5b1LecCTsveK4/mj7akuBaLdeAr2KGH4gwohwHsz8Ony",
 state: :unset, status: nil}

要解决此问题并测试身份验证，我需要做什么?

What do I need to do to solve this issue and test authentication well?

更新身份验证插件

defmodule MyApp.Plug.Authenticate do
  import Plug.Conn
  import Phoenix.Controller

  def init(default), do: default

  def call(conn, _) do
    IO.puts inspect get_session(conn, :user_id)
    IO.puts conn
    user_id = get_session(conn, :user_id)

    if user_id do
      current_user = MyApp.Repo.get(MyApp.Task, user_id)
      assign(conn, :current_user, current_user)
    else
      conn
      |> put_status(401)
      |> json(%{})
      |> halt
    end
  end
end

路由器(我从这里切掉了一些零件):

router (I cutted some parts from here):

defmodule MyApp.Router do
  use MyApp.Web, :router

  pipeline :api do
    plug :accepts, ["json-api"] # this line and 3 below are under JaSerializer package responsibility
    plug JaSerializer.ContentTypeNegotiation
    plug JaSerializer.Deserializer
    plug :fetch_session
    plug MyApp.Plug.Authenticate # this one
  end

  scope "/api", MyApp do
    pipe_through :api

    # tasks
    resources "/tasks", TaskController, only: [:show, :update]
  end
end

推荐答案

通过完全绕开测试中的会话，可以更轻松地解决该问题.这个想法是在测试和身份验证插件中直接将current_user分配给conn-设置current_user分配后，跳过从会话中获取用户的操作. 显然，这使身份验证插件本身未经测试，但是与遍历整个堆栈相比，测试该插件应该容易得多.

It can be solved much easier by bypassing sessions altogether in tests. The idea is to assign current_user directly to the conn in tests and in the authentication plug - skip fetching user from session when the current_user assign is set. This obviously leaves the authentication plug itself untested, but testing there should be much easier, than going through the whole stack.

# in the authentication plug
def call(%{assigns: %{current_user: user}} = conn, opts) when user != nil do
  conn
end
def call(conn, opts) do
  # handle fetching user from session
end

这使您只需在测试中执行assign(conn, :current_user, user)即可验证连接.

This allows you to just do assign(conn, :current_user, user) in tests to authenticate the connection.

这篇关于如何在phoenix中使用与会话的连接?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！