Odoo 14 的邮递员身份验证

时间:2021-02-13 15:21:01

标签: api authentication odoo odoo-14

如何使用 postman 测试需要身份验证的 odoo 14.0 控制器方法?

我曾经有一个简单的身份验证请求:

网址:http://localhost:8014/web/session/authenticate

方法:GET

标题:Content-Type: application/json

正文:

{
    "jsonrpc": "2.0", 
    "params": {
        "db": "v14pos", 
        "login": "admin", 
        "password": "admin"
    }
}

发送身份验证请求后,postman 会设置 session_id cookie,它会起作用。

但是在 14.0 中,即使设置了 session_id cookie,在尝试调用需要身份验证的 URL 时,我也会收到以下错误:

{
    "jsonrpc": "2.0",
    "id": null,
    "error": {
        "code": 200,
        "message": "Odoo Server Error",
        "data": {
            "name": "odoo.exceptions.AccessDenied",
            "debug": "Traceback (most recent call last):\n  File \"/home/obi/src/vs/odoo14/addons/http_routing/models/ir_http.py\", line 450, in _dispatch\n    cls._authenticate(func)\n  File \"/home/obi/src/vs/odoo14/odoo/addons/base/models/ir_http.py\", line 132, in _authenticate\n    raise AccessDenied()\nException\n\nThe above exception was the direct cause of the following exception:\n\nTraceback (most recent call last):\n  File \"/home/obi/src/vs/odoo14/odoo/http.py\", line 639, in _handle_exception\n    return super(JsonRequest, self)._handle_exception(exception)\n  File \"/home/obi/src/vs/odoo14/odoo/http.py\", line 315, in _handle_exception\n    raise exception.with_traceback(None) from new_cause\nodoo.exceptions.AccessDenied: Access Denied\n",
            "message": "Access Denied",
            "arguments": [
                "Access Denied"
            ],
            "context": {}
        }
    }
}

这适用于版本 11.0

我注意到 14.0 中的 HTTP 标头以不同的方式包含 cookie:

Cookie: TWISTED_SESSION=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VyX2luZm8iOnsiYW5vbnltb3VzIjp0cnVlfSwiZXhwIjoxNjAzNjM0NDM5fQ.pJs2oOjQYOQrFnolafUlNZ4Bg4OMJ_itRaZPEUoaLeE; frontend_lang=en_US; fileToken=dummy-because-api-expects-one; tz=Africa/Khartoum; session_id=d36df662e749f368c32dcbecc07bf578dd57de8a

什么是TWISTED_SESSOIN?是它造成的问题吗?

1 个答案:

答案 0 :(得分:1)

我找到了解决方案,或者说是问题所在。

我在控制器方法中为 auth 设置了错误的值,它是:

@http.route('/route/', auth='auth', type='json')

并将其更改为:

@http.route('/route/', auth='user', type='json')

相关问题
最新问题