从早期版本的Paw使用cookie身份验证的路由不再适用于新版本 [英] Routes using cookie authentication from previous version of Paw no longer work on new version
问题描述
我有一条路由使用由另一条路由设置的身份验证cookie.我是这样创建的:
I have a route that uses an authentication cookie set by another route. I've created it like this:
此方法在新版本中不再起作用. Paw抱怨Authenticate请求的响应中没有set-cookie标头.
This method no longer works in the new version. Paw complains that there is no set-cookie header in the response from the Authenticate request.
这似乎是因为Paw现在获取cookie并以与其他标头不同的方式处理它们.我喜欢这种方法,因为它可以简化这种身份验证,但是不幸的是,它的工作方式不像我期望的那样.
It seems this is because Paw now takes the cookies and handles them differently from other headers. I like this approach because it should make this sort of authentication easier, but, unfortunately, it's not working like I would expect.
这是我配置新请求的方式:
Here's how I have configured a newer request:
因此,我将cookie标头设置为Response Cookies动态值,我认为应该将先前设置的cookie传递给它.我想我应该从下拉列表中选择Authenticate请求(因为实际上是来自此请求的响应设置了cookie,但是如果这样做,cookie值就会消失.相反,我将请求值保留为Current Request,因为那样似乎包含正确的值.
So, I've set the cookie header to the Response Cookies dynamic value which, I believe, should pass along the cookies set previously. I would think I should select the Authenticate request from the dropdown (since it's the response from this request that actually sets the cookie, but the cookie value disappears if I do that. Instead, I have left the request value as Current Request since that seems to contain the correct value.
我还注意到了Automatically send cookies设置,我认为这可能是一个简单的解决方案.我从请求中删除了手动cookie标头,并保留了此复选框,以希望它可以自动从cookie罐中随请求发送任何cookie,但这似乎也不起作用.无论我尝试什么,由于身份验证,我的请求都无法产生期望的结果.
I've also noticed the Automatically send cookies setting which I thought might be an easy solution. I removed the manual cookie header from my request leaving this checked in hopes it might automatically send over any cookies from the cookie jar along with the request, but that doesn't seem to work either. No matter what I try, my request fails to produce the desired results because of authentication.
您能帮我了解如何配置这些请求,以便我可以继续使用Paw测试经过会话身份验证的路由吗?
Can you help me understand how to configure these requests so that I can continue using Paw to test session-authenticated routes?
推荐答案
以下几点将使您了解Cookie在Paw中的工作方式(从2.1版开始):
Here are a couple of things that will make you understand how cookies work in Paw (starting from version 2.1):
1. Cookie存储在罐子中
为允许用户保持多个同步会话,cookie被存储在jar中,因此您可以轻松地在会话(jar)之间进行切换.
To allow users to keep multiple synchronous sessions, cookies are stored in jars, so you can switch between sessions (jars) easily.
存储在jar中的cookie仅在它们匹配请求(主机名,路径,安全等)时才发送.
Cookies stored in jars will be sent only if they match the request (hostname, path, is secure, etc.).
2.默认情况下会发送罐子中的Cookie,除非Cookie标头被覆盖
2. Cookies from jars are sent by default, unless Cookie header is overridden
如果您手动设置Cookie标头,则不会发送存储在jar中的cookie.
而且很明显,除非禁用了自动发送Cookies .
If you set a Cookie header manually, cookies stored in jars wont' be sent.
And obviously unless Automatically Send Cookies is disabled.
3. 响应标头" 的先前用法很hack.使用响应Cookie .
3. The previous use of "Response Headers" was hacky. Use Response Cookies.
实际上,Set-Cookie(用于响应)和Cookie(用于请求)具有不同的语法.因此,您无法发送回Set-Cookie的原始值(即使在大多数情况下它似乎可以正常工作).
In fact, Set-Cookie (for responses) and Cookie (for requests) have different syntaxes. So you can't send back the original value of Set-Cookie (even though it seemed to be working in most cases).
您提到的新的 Response Cookies 动态值具有此目的:发回特定请求设置的cookie.
The new Response Cookies dynamic value you mentioned has this purpose: send back the cookies set by a specific request.
现在,就您而言,我将一直使用 Response Cookies 动态值.由于您只有1个请求在进行auth/cookie设置,因此处理起来可能最简单.另外,也许检查忽略域,路径,安全性和日期,以确保即使您切换了主机(或其他),也总是发送您的cookie.
Now, in your case, I would use a Response Cookies dynamic value all the time. As you have only 1 request doing auth / cookie setting, it might be the easiest to handle. Also, maybe check Ignore Domain, Path, Is Secure and Date to make sure your cookie is always sent even if you switch the host (or something else).
这篇关于从早期版本的Paw使用cookie身份验证的路由不再适用于新版本的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
