余烬cookie与服务器cookie
[英]ember cookie vs server cookie
问题描述
I am using Ember and Ember-simple-auth. 
我正在使用Ember和Ember-simple-auth。 This question is to clear my confusion related to cookies etc. 这个问题是为了消除我对cookie等的困惑。
I have configured ember storage to Cookie. 我已将余烬存储配置为Cookie。
My server is sending a cookie to be saved at client side. 我的服务器正在发送一个cookie,该cookie将保存在客户端。 ie 即
Set-Cookie: dejavu.session=WwwLQjdfOoNz_-bhyYpBLvzew7IUaJuu; Path=/; Expires=Mon, 28-May-2018 15:59:30 GMT
I have understanding that 我了解
browser automatically captures the cookie from set-cookie in header (mean it should be visible in dev tool)
浏览器会自动从标头中的set-cookie捕获cookie(这意味着它应该在dev工具中可见) browser automatically add this cookie in subsequent requests.
浏览器会在后续请求中自动添加此Cookie。 I don't need to do anything extra with Ember Simple Auth as server cookie is by default handled by browser.
我不需要对Ember Simple Auth进行任何其他操作,因为服务器Cookie默认情况下是由浏览器处理的。
Based on this understanding, in Chrome inspector I just see one cookie of ember-simple-auth and nothing else. 基于这种理解,在Chrome检查器中,我只看到一个ember-simple-auth cookie,没有其他东西。
My questions are: 我的问题是:
1- Should I see a separate cookie (the one sent from server) in dev tool along with Ember cookie (set by Ember simple Auth)? 1-我是否应该在开发工具中看到一个单独的cookie(从服务器发送的cookie)以及Ember cookie(由Ember simple Auth设置)? or my server cookie has to be embedded in Ember Cookie? 还是我的服务器Cookie必须嵌入到Ember Cookie中? I actually don't see server cookie on my dev tools so I am confused. 我实际上在开发工具上看不到服务器cookie,因此感到困惑。
2- Is this right concept that ember cookie is storage for Ember but server cookie is the one that browser will capture and send in header in subsequent requests? 2-这个正确的概念是将ember cookie存储为Ember,但将服务器cookie作为浏览器捕获并在后续请求中发送标头的服务器cookie?
1 个解决方案
解决方案1
0 已采纳 2018-06-12 08:42:04
ok. 好。 I found the solution after spending alot of testing and exploration. 经过大量的测试和探索,我找到了解决方案。 Answer to my both questions is: 我的两个问题的答案是:
There is a bug in chrome dev tools that doesn't show the cookie sent from server. chrome开发工具中存在一个错误,该错误不会显示从服务器发送的cookie。 We don't need to embed server cookie in ember cookie. 我们不需要将服务器cookie嵌入ember cookie。 Browser manages cookies itself. 浏览器本身管理cookie。 Only server has to send a cookie and then browser will manage it eg discard it if it expires and then automatically add it to header of each subsequent requests to be sent via api. 仅服务器必须发送一个cookie,然后浏览器将对其进行管理,例如,如果cookie过期,则将其丢弃,然后将其自动添加到每个随后通过api发送的请求的标头中。 We can see the cookie as request is sent, in our dev tools 'Network' tab under request headers. 我们可以在开发工具的“网络”标签中的请求标题下看到发送请求时的Cookie。
With session cookie and Ember-simple-auth we don't need to set authoriser in header (for adding cookie in header) as this will override the session cookie (that was set by browser). 使用会话cookie和Ember-simple-auth,我们不需要在标头中设置授权者(用于在标头中添加cookie),因为这将覆盖会话cookie(由浏览器设置)。
So when using Ember-simple-auth and session authentication, correct flow is: 因此,当使用Ember-simple-auth和会话身份验证时,正确的流程是:
add addon
添加插件 setup authenticator (follow github docs)
设置验证器(遵循github docs) don't set authorizer (as told in docs)
不要设置授权者(如文档中所述)
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.