Python Twisted session cookie is changing on every request
Tags: python, session, session-cookies, twisted, twisted.web

For some reason, after logging in, the Twisted session cookie changes on every subsequent POST request. Why does this happen? I want the session uid to stay the same until the connection is dropped or the user logs out.

Below is my code, which results in a different session for every request:
from twisted.web.server import Site
from twisted.internet import reactor
from twisted.web.resource import Resource
import json


class HttpResource(Resource):
    isLeaf = True

    def render_OPTIONS(self, request):
        request.setHeader('Access-Control-Allow-Origin', '*')
        request.setHeader('Access-Control-Allow-Headers', 'Origin, Accept, content-type, authorization')
        return b""

    def render_GET(self, request):
        request.setHeader('Access-Control-Allow-Origin', '*')
        request.setHeader('Access-Control-Allow-Headers', 'Origin, Accept, content-type, authorization')
        return b"<html><body style='margin: 0; overflow: hidden;'><iframe style='width: 100%; height: 100%; border: none;' src='http://tsa-graphiql.herokuapp.com/'></iframe></body></html>"

    def render_POST(self, request):
        request.setHeader('Access-Control-Allow-Origin', '*')
        request.setHeader('Access-Control-Allow-Headers', 'Origin, Accept, content-type, authorization')
        # getSession() reuses the session named by the request's cookie,
        # or creates a new one and sets the cookie on the response
        session_id = request.getSession().uid
        print("HttpResource session ID: {}".format(session_id))
        return b""  # render_* must return a byte string, not None


class LoginResource(Resource):
    isLeaf = True

    def render_OPTIONS(self, request):
        request.setHeader('Access-Control-Allow-Origin', '*')
        request.setHeader('Access-Control-Allow-Headers', 'Origin, Accept, content-type, authorization')
        return b""

    def render_GET(self, request):
        request.setHeader('Access-Control-Allow-Origin', '*')
        request.setHeader('Access-Control-Allow-Headers', 'Origin, Accept, content-type, authorization')
        return b"<html><body style='margin: 0; overflow: hidden;'><iframe style='width: 100%; height: 100%; border: none;' src='http://tsa-graphiql.herokuapp.com/'></iframe></body></html>"

    def render_POST(self, request):
        print("Login request")  # the original called an undefined log() helper
        request.setHeader('Access-Control-Allow-Origin', '*')
        request.setHeader('Access-Control-Allow-Headers', 'Origin, Accept, content-type, authorization')
        req = request.content.read()
        session_id = request.getSession().uid
        try:
            jsQ = json.loads(req)
        except Exception as e:
            # Report the parse error as a 400 rather than returning the exception object
            request.setResponseCode(400)
            return str(e).encode("utf-8")
        # User credentials
        username = jsQ['username']
        password = jsQ['password']
        # Authenticate the User
        if username == 'test' and password == 'test':
            # Create a new session
            print("Login session ID: {}".format(session_id))
            return b""
        else:
            request.setResponseCode(401)
            return b"Invalid username or password"


class RefreshResource(Resource):
    isLeaf = True

    def render_OPTIONS(self, request):
        request.setHeader('Access-Control-Allow-Origin', '*')
        request.setHeader('Access-Control-Allow-Headers', 'Origin, Accept, content-type, authorization')
        return b""

    def render_GET(self, request):
        request.setHeader('Access-Control-Allow-Origin', '*')
        request.setHeader('Access-Control-Allow-Headers', 'Origin, Accept, content-type, authorization')
        return b"<html><body style='margin: 0; overflow: hidden;'><iframe style='width: 100%; height: 100%; border: none;' src='http://tsa-graphiql.herokuapp.com/'></iframe></body></html>"

    def render_POST(self, request):
        request.setHeader('Access-Control-Allow-Origin', '*')
        request.setHeader('Access-Control-Allow-Headers', 'Origin, Accept, content-type, authorization')
        print("Refresh session ID: {}".format(request.getSession().uid))
        return b""


class HttpFactory(Site):
    def __init__(self, resource):
        # Site.__init__ stores the root resource and creates the session table
        Site.__init__(self, resource)
        self.user_info = {}


if __name__ == '__main__':
    root = Resource()
    root.putChild(b"", HttpResource())
    root.putChild(b"login", LoginResource())
    root.putChild(b"refresh", RefreshResource())
    site = HttpFactory(root)
    reactor.listenTCP(8000, site)
    reactor.run()
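Twisted Web sessions are cookie-based. For a session to stay alive with a client, the client must honor the server's Set-Cookie response: save the cookie and send it back on future requests.

If your client is something like curl, then: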
$ curl http://localhost:8000/
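will discard the session cookie after it runs. If you run the command again, you will get a new session, because the client does not send the session cookie and the server has no way of knowing that the request belongs to the previously created session.

If you have curl handle cookies properly with a command like this: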
$ curl --cookie session-cookies --cookie-jar session-cookies http://localhost:8000/
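then curl will save the session cookie set by the server. If you run the command again, it will send the session cookie back to the server, and you will see the same session being reused.

OK, I get it. So if the Twisted code sets a cookie in the header, the UI should send this cookie with every request until the session ends. Thanks for the explanation, Jean!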
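The behaviour described in the answer, as an added example that is not part of the original thread: a standard-library Python 3 stand-in for the server (not Twisted itself) issues a session cookie, and two clients fetch the same URL, one discarding Set-Cookie and one keeping a cookie jar. The cookie name `DEMO_SESSION`, the `SessionHandler` class and the `run_demo` function are assumptions made for this sketch.

```python
import http.cookiejar
import secrets
import threading
import urllib.request
from http.cookies import SimpleCookie
from http.server import BaseHTTPRequestHandler, HTTPServer

COOKIE = "DEMO_SESSION"  # constructed cookie name for this demo
SESSIONS = set()         # server-side table of live session ids

class SessionHandler(BaseHTTPRequestHandler):
    def do_GET(self):
        sent = SimpleCookie(self.headers.get("Cookie", "")).get(COOKIE)
        sid = sent.value if sent is not None else None
        self.send_response(200)
        if sid not in SESSIONS:
            # No cookie, or an id the server never issued: start a new session.
            sid = secrets.token_hex(16)
            SESSIONS.add(sid)
            self.send_header("Set-Cookie", "%s=%s; Path=/; HttpOnly" % (COOKIE, sid))
        body = sid.encode("ascii")
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)

    def log_message(self, *args):  # silence per-request logging
        pass

def run_demo(requests_per_client=3):
    """Return (session ids seen without a cookie jar, ids seen with one)."""
    server = HTTPServer(("127.0.0.1", 0), SessionHandler)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    url = "http://127.0.0.1:%d/" % server.server_port
    no_proxy = urllib.request.ProxyHandler({})  # talk to loopback directly
    jar = http.cookiejar.CookieJar()
    clients = [
        urllib.request.build_opener(no_proxy),  # drops Set-Cookie, like plain curl
        urllib.request.build_opener(no_proxy, urllib.request.HTTPCookieProcessor(jar)),
    ]
    try:
        seen = [[c.open(url, timeout=5).read().decode() for _ in range(requests_per_client)]
                for c in clients]
    finally:
        server.shutdown()
        server.server_close()
    return seen[0], seen[1]

if __name__ == "__main__":
    print("without jar, with jar:", run_demo())
```

The first list holds a different session id for every request; the second holds the same id repeated, because the cookie jar resends the cookie the server set.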