stackoom
  简体   繁体   中英

ember cookie vs server cookie

 原文  2018-05-28 13:55:00       ember.js/ session-cookies/ ember-simple-auth

Question

I am using Ember and Ember-simple-auth. This question is to clear my confusion related to cookies etc.

I have configured ember storage to Cookie.

My server is sending a cookie to be saved at client side. ie 

Set-Cookie: dejavu.session=WwwLQjdfOoNz_-bhyYpBLvzew7IUaJuu; Path=/; Expires=Mon, 28-May-2018 15:59:30 GMT

I have understanding that

  1. browser automatically captures the cookie from set-cookie in header (mean it should be visible in dev tool)

  2. browser automatically add this cookie in subsequent requests.

  3. I don't need to do anything extra with Ember Simple Auth as server cookie is by default handled by browser.

Based on this understanding, in Chrome inspector I just see one cookie of ember-simple-auth and nothing else.

My questions are:

1- Should I see a separate cookie (the one sent from server) in dev tool along with Ember cookie (set by Ember simple Auth)? or my server cookie has to be embedded in Ember Cookie? I actually don't see server cookie on my dev tools so I am confused.

2- Is this right concept that ember cookie is storage for Ember but server cookie is the one that browser will capture and send in header in subsequent requests?

1 answers

solution1
 0 ACCPTED  2018-06-12 08:42:04

ok. I found the solution after spending alot of testing and exploration. Answer to my both questions is:

There is a bug in chrome dev tools that doesn't show the cookie sent from server. We don't need to embed server cookie in ember cookie. Browser manages cookies itself. Only server has to send a cookie and then browser will manage it eg discard it if it expires and then automatically add it to header of each subsequent requests to be sent via api. We can see the cookie as request is sent, in our dev tools 'Network' tab under request headers.

With session cookie and Ember-simple-auth we don't need to set authoriser in header (for adding cookie in header) as this will override the session cookie (that was set by browser).

So when using Ember-simple-auth and session authentication, correct flow is:

  1. add addon

  2. setup authenticator (follow github docs)

  3. don't set authorizer (as told in docs)

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question javascript cookie, Ember Ember simple auth and cookie headers Ember: session cookie from api not being set Ember template not reloading after i set cookie Making a cookie available to a sibling domain with Ember Ember-simple-auth change cookie on the fly Setting a cookie on all subdomains in Rails 4 and Ember Ember.js session cookie based authentication with Rails and devise Ember Controller vs Ember ArrayController Ember Model vs Content?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM