何らかの理由で、ログインした後に、その後のすべてのPOSTリクエストがTwistedセッションCookieに変更されます。なぜこれが起こるのですか?私は接続が失われるまで、またはユーザーがログアウトするまで、セッションのuidが同じであると予想します。ここでツイストセッションCookieが各リクエストごとに変更されています
は、セッションが要求ごとに異なることになり、私のコードです:
from twisted.web.server import Site, http
from twisted.internet import reactor
from twisted.web.resource import Resource
import json
class HttpResource(Resource):
isLeaf = True
def render_OPTIONS(self, request):
request.setHeader('Access-Control-Allow-Origin', '*')
request.setHeader('Access-Control-Allow-Headers', 'Origin, Accept, content-type, authorization')
return ""
def render_GET(self, request):
request.setHeader('Access-Control-Allow-Origin', '*')
request.setHeader('Access-Control-Allow-Headers', 'Origin, Accept, content-type, authorization')
return "<html><body style='margin: 0; overflow: hidden;'><iframe style='width: 100%; height: 100%; border: none;' src='http://tsa-graphiql.herokuapp.com/'></iframe></body></html>"
def render_POST(self, request):
request.setHeader('Access-Control-Allow-Origin', '*')
request.setHeader('Access-Control-Allow-Headers', 'Origin, Accept, content-type, authorization')
session_id = request.getSession().uid
print "HttpResource session ID: {}".format(session_id)
class LoginResource(Resource):
isLeaf = True
def render_OPTIONS(self, request):
request.setHeader('Access-Control-Allow-Origin', '*')
request.setHeader('Access-Control-Allow-Headers', 'Origin, Accept, content-type, authorization')
return ""
def render_GET(self, request):
request.setHeader('Access-Control-Allow-Origin', '*')
request.setHeader('Access-Control-Allow-Headers', 'Origin, Accept, content-type, authorization')
return "<html><body style='margin: 0; overflow: hidden;'><iframe style='width: 100%; height: 100%; border: none;' src='http://tsa-graphiql.herokuapp.com/'></iframe></body></html>"
def render_POST(self, request):
log("Login request")
request.setHeader('Access-Control-Allow-Origin', '*')
request.setHeader('Access-Control-Allow-Headers', 'Origin, Accept, content-type, authorization')
req = request.content.read()
session_id = request.getSession().uid
try:
jsQ = json.loads(req)
except Exception as e:
return e
# User credentials
username = jsQ['username']
password = jsQ['password']
# Authenticate the User
if username == 'test' and password == 'test':
# Create a new session
print "Login session ID: {}".format(session_id)
else:
request.setResponseCode(401)
return "Invalid username or password"
class RefreshResource(Resource):
isLeaf = True
def render_OPTIONS(self, request):
request.setHeader('Access-Control-Allow-Origin', '*')
request.setHeader('Access-Control-Allow-Headers', 'Origin, Accept, content-type, authorization')
return ""
def render_GET(self, request):
request.setHeader('Access-Control-Allow-Origin', '*')
request.setHeader('Access-Control-Allow-Headers', 'Origin, Accept, content-type, authorization')
return "<html><body style='margin: 0; overflow: hidden;'><iframe style='width: 100%; height: 100%; border: none;' src='http://tsa-graphiql.herokuapp.com/'></iframe></body></html>"
def render_POST(self, request):
request.setHeader('Access-Control-Allow-Origin', '*')
request.setHeader('Access-Control-Allow-Headers', 'Origin, Accept, content-type, authorization')
print "Refresh session ID: {}".format(request.getSession().uid)
class HttpFactory(Site):
def __init__(self, resource):
http.HTTPFactory.__init__(self)
self.resource = resource
self.sessions = {}
self.user_info = {}
if __name__ == '__main__':
root = Resource()
root.putChild("", HttpResource())
root.putChild("login", LoginResource())
root.putChild("refresh", RefreshResource())
site = HttpFactory(root)
reactor.listenTCP(8000, site)
reactor.run()
わかりました。したがって、ねじれコードがヘッダーにCookieを設定している場合、UIは、セッションが終了するまで、各リクエストとともにこのCookieを送信する必要があります。 Jeanの説明をありがとう! – Brian