由于某种原因登录后,Twisted会话cookie之后的每个POST请求都会发生变化。为什么会这样?在连接丢失或用户注销之前,我希望会话uid是相同的。在
下面是我的代码,它使每个请求的会话都不同:
from twisted.web.server import Site, http
from twisted.internet import reactor
from twisted.web.resource import Resource
import json
class HttpResource(Resource):
isLeaf = True
def render_OPTIONS(self, request):
request.setHeader('Access-Control-Allow-Origin', '*')
request.setHeader('Access-Control-Allow-Headers', 'Origin, Accept, content-type, authorization')
return ""
def render_GET(self, request):
request.setHeader('Access-Control-Allow-Origin', '*')
request.setHeader('Access-Control-Allow-Headers', 'Origin, Accept, content-type, authorization')
return "<html><body style='margin: 0; overflow: hidden;'><iframe style='width: 100%; height: 100%; border: none;' src='http://tsa-graphiql.herokuapp.com/'></iframe></body></html>"
def render_POST(self, request):
request.setHeader('Access-Control-Allow-Origin', '*')
request.setHeader('Access-Control-Allow-Headers', 'Origin, Accept, content-type, authorization')
session_id = request.getSession().uid
print "HttpResource session ID: {}".format(session_id)
class LoginResource(Resource):
isLeaf = True
def render_OPTIONS(self, request):
request.setHeader('Access-Control-Allow-Origin', '*')
request.setHeader('Access-Control-Allow-Headers', 'Origin, Accept, content-type, authorization')
return ""
def render_GET(self, request):
request.setHeader('Access-Control-Allow-Origin', '*')
request.setHeader('Access-Control-Allow-Headers', 'Origin, Accept, content-type, authorization')
return "<html><body style='margin: 0; overflow: hidden;'><iframe style='width: 100%; height: 100%; border: none;' src='http://tsa-graphiql.herokuapp.com/'></iframe></body></html>"
def render_POST(self, request):
log("Login request")
request.setHeader('Access-Control-Allow-Origin', '*')
request.setHeader('Access-Control-Allow-Headers', 'Origin, Accept, content-type, authorization')
req = request.content.read()
session_id = request.getSession().uid
try:
jsQ = json.loads(req)
except Exception as e:
return e
# User credentials
username = jsQ['username']
password = jsQ['password']
# Authenticate the User
if username == 'test' and password == 'test':
# Create a new session
print "Login session ID: {}".format(session_id)
else:
request.setResponseCode(401)
return "Invalid username or password"
class RefreshResource(Resource):
isLeaf = True
def render_OPTIONS(self, request):
request.setHeader('Access-Control-Allow-Origin', '*')
request.setHeader('Access-Control-Allow-Headers', 'Origin, Accept, content-type, authorization')
return ""
def render_GET(self, request):
request.setHeader('Access-Control-Allow-Origin', '*')
request.setHeader('Access-Control-Allow-Headers', 'Origin, Accept, content-type, authorization')
return "<html><body style='margin: 0; overflow: hidden;'><iframe style='width: 100%; height: 100%; border: none;' src='http://tsa-graphiql.herokuapp.com/'></iframe></body></html>"
def render_POST(self, request):
request.setHeader('Access-Control-Allow-Origin', '*')
request.setHeader('Access-Control-Allow-Headers', 'Origin, Accept, content-type, authorization')
print "Refresh session ID: {}".format(request.getSession().uid)
class HttpFactory(Site):
def __init__(self, resource):
http.HTTPFactory.__init__(self)
self.resource = resource
self.sessions = {}
self.user_info = {}
if __name__ == '__main__':
root = Resource()
root.putChild("", HttpResource())
root.putChild("login", LoginResource())
root.putChild("refresh", RefreshResource())
site = HttpFactory(root)
reactor.listenTCP(8000, site)
reactor.run()
Twisted Web会话是基于cookie的。为了使会话与客户机保持活动状态,它们必须尊重服务器的
Set-Cookie
响应(保存cookie并随将来的请求一起重新发送)。在如果你的客户是curl,那么:
运行后将删除会话cookie。如果您再次运行该命令,您将获得一个新的会话,因为客户端不会发送会话cookie,并且服务器无法知道该请求属于先前创建的会话。在
如果您告诉curl使用以下命令正常处理cookies:
^{pr2}$然后curl将保存服务器设置的会话cookie。如果您再次运行该命令,它将把会话cookie发送回服务器,您将看到相同的会话被重用。在
相关问题 更多 >
编程相关推荐