经过大量的头部撞击和大量时间的浪费,我了解到如果我使用curl来测试将令牌存储到cookie中,如flask_jwt_extended website所示
未设置cookie,但是如果我在浏览器中使用RESTClient,则cookie会被设置。
我尝试了这种卷曲:curl -H "Content-Type: application/json" -X POST -d '{"username":"test","password":"test"}' http://localhost:5000/token/auth
答案 0 :(得分:0)
使用flash_jwt_extended example,如果您设置了详细模式-v,则可以看到已设置cookie:
* upload completely sent off: 37 out of 37 bytes
* HTTP 1.0, assume close after body
< HTTP/1.0 200 OK
< Content-Type: application/json
< Content-Length: 15
< Set-Cookie: access_token_cookie=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiIwZjM4Zjg5NC1hNzRmLTQ5NTMtODYwOC1mOTdmNzhmNDIyMWMiLCJleHAiOjE1NDA2MDA4MDEsImZyZXNoIjpmYWxzZSwiaWF0IjoxNTQwNTk5OTAxLCJ0eXBlIjoiYWNjZXNzIiwibmJmIjoxNTQwNTk5OTAxLCJpZGVudGl0eSI6InRlc3QifQ.D-ZGU2Bglb0N1h02yTeV3NBuWjlx7FB0UNG5mkukrHA; HttpOnly; Path=/api/
< Set-Cookie: refresh_token_cookie=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJkYTcyZjcyYS00MTU2LTRlYWYtOWEwZC03ODZjMTQ3ZWZjZTUiLCJleHAiOjE1NDMxOTE5MDEsImlhdCI6MTU0MDU5OTkwMSwidHlwZSI6InJlZnJlc2giLCJuYmYiOjE1NDA1OTk5MDEsImlkZW50aXR5IjoidGVzdCJ9.Lhla3ZwhY4vHgOFhmjBxPKnEmi1uoh-WXIwTWj_ibwI; HttpOnly; Path=/token/refresh
< Server: Werkzeug/0.14.1 Python/2.7.13
< Date: Sat, 27 Oct 2018 00:25:01 GMT
<
{"login":true}
* Closing connection 0
如果要在多个curl命令之间保留cookie,请使用-c cookie.txt将cookie存储在文件cookie.txt中,并在其他curl命令中使用-b cookie.txt加载它们:
curl -H "Content-Type: application/json" \
-d '{"username":"test","password":"test"}' \
"http://localhost:5000/token/auth" -c cookie.txt
curl "http://localhost:5000/api/example" -b cookie.txt