REST API测试-邮递员在每个请求后表现为不同的客户端 [英] REST API Testing - Postman behaving as different client after each request

问题描述

我目前正在使用Postman来测试我的REST API。我使用 Ruby-On-Rails 并使用 devise_token_auth 来管理用户会话来构建它。成功登录后，我的API正在渲染客户端，访问令牌，令牌类型（BEARER）和 Uid 。每个需要用户登录并在标头上发送的请求都需要这些元素。

I am currently using Postman to test my REST API. I've built it using Ruby-On-Rails, and using devise_token_auth to manage users sessions. After a successful log in, my API is rendering a client, an access-token, a token-type(BEARER) and an Uid. These elements are needed for every request that requires the user to be logged in and have to be sent on the header.

假设我正在使用POST创建文章。第一次POST成功并创建了文章，但是当我尝试创建另一篇文章时，我得到：

Let's say I am creating an article using a POST. The first POST succeeds and creates the article but when I try to create another article, I get :

{
  "errors": [
    "Authorized users only."
  ]
}

我怀疑其中一名邮递员的行为与其他客户不同每个请求，或者我的API在每个请求之后为用户创建一个访问令牌。

I suspect either Postman is behaving as a different client after each request, or my API is creating an access-token for the user after each request.

推荐答案

我终于设法解决了该问题：

I finally managed to fix the issue:

devise_token_auth gem文档，访问令牌都会更改。因此，每当我想向API发送请求时，都必须更新标头上的访问令牌。

According to devise_token_auth gem documentation, the access-token changes each time the client queries the API. Thus, I had to update the access-token, on my headers, whenever I wanted to send a request to my API.

为防止在每次请求后更改访问令牌，请将以下行添加到 confing / initializers / devise_token_auth.rb ：

To prevent the access-token from being changed after each request, add the following line to confing/initializers/devise_token_auth.rb:

 config.change_headers_on_each_request = false

这篇关于REST API测试-邮递员在每个请求后表现为不同的客户端的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！