節點 js express-session Set-Cookie on Postman/不在 Flutter http 標頭中

Question

我在嘗試使用 express-session 將 Flutter 應用程序與我的 nodejs 后端連接時遇到問題。 在郵遞員中，響應頭包含一個“Set-Cookie”-Header，但帶有http.post(...)的顫動頭不包括： headers: {content-length: 113, content-type: application/json; charset=utf-8} {content-length: 113, content-type: application/json; charset=utf-8} 。

我需要一個 cookie 來保持經過身份驗證的會話與護照。 任何想法如何解決它？

Flutter 標頭： host: '127.0.0.1:3000', connection: 'keep-alive', 'content-length': '57', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.75 Safari/537.36', 'content-type': 'application/json; charset=utf-8', accept: '*/*', origin: 'http://localhost:51879', 'sec-fetch-site': 'cross-site', 'sec-fetch-mode': 'cors', 'sec-fetch-dest': 'empty', referer: 'http://localhost:51879/', 'accept-encoding': 'gzip, deflate, br', 'accept-language': 'de-DE,de;q=0.9,en-US;q=0.8,en;q=0.7' host: '127.0.0.1:3000', connection: 'keep-alive', 'content-length': '57', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.75 Safari/537.36', 'content-type': 'application/json; charset=utf-8', accept: '*/*', origin: 'http://localhost:51879', 'sec-fetch-site': 'cross-site', 'sec-fetch-mode': 'cors', 'sec-fetch-dest': 'empty', referer: 'http://localhost:51879/', 'accept-encoding': 'gzip, deflate, br', 'accept-language': 'de-DE,de;q=0.9,en-US;q=0.8,en;q=0.7'

郵遞員標題： 'content-type': 'application/json', accept: '*/*', 'postman-token': '7c79280d-****-****-a985-c01395e50e08', host: 'localhost:3000', 'accept-encoding': 'gzip, deflate, br', connection: 'keep-alive', 'content-length': '66'

Answer 1

建議您使用dio 庫進行 HTTP 調用。

import 'package:dio/dio.dart';

class ApiProvider {
  Dio _dio;
  String aToken = '';

  final BaseOptions options = new BaseOptions(
    // base url to backend server
    baseUrl: 'http://a.b.c.d:port/',  
    connectTimeout: 15000,
    receiveTimeout: 13000,
  );
  static final ApiProvider _instance = ApiProvider._internal();

  factory ApiProvider() => _instance;

  ApiProvider._internal() {
    _dio = Dio(options);
    _dio.interceptors.add(InterceptorsWrapper(
        onRequest:(Options options) async {
          // to prevent other request enter this interceptor, 
          // use a new Dio(to avoid dead lock) instance to request token.
          _dio.interceptors.requestLock.lock();
          
          // set the cookie to headers
          options.headers["cookie"] = aToken;

          _dio.interceptors.requestLock.unlock();
          return options; // continue
        }
    ));
  }

  Future login() async {
    final request = {
      "userName": "",
      "password": "",
      "token": ""
    };
    final response = await _dio.post('/login', data: request, options: Options(
        followRedirects: false,
        validateStatus: (status) { return status < 500; }
    ));
    //get cooking from response
    final cookies = response.headers.map['set-cookie'];
    if (cookies.isNotEmpty && cookies.length == 2) {
      // it depends on how your server sending cookie
      aToken = cookies[1].split(';')[0];
    }
  }

  /// if we call this function without cookie then it will throw 500 err.
  Future getSomething() async {
    final response = await _dio.post('/something');
  }
}