我是在假設create_session
如果endpoint.ex被配置爲使用cookie存儲,將設置SET-COOKIE
響應頭建立事務不設置set-cookie頭
# The session will be stored in the cookie and signed,
# this means its contents can be read but not tampered with.
# Set :encryption_salt if you would also like to encrypt it.
plug Plug.Session,
log: :debug,
store: :cookie,
key: "some_key",
signing_salt: "some_salt"
這是我的認證控制器(只是它的一部分)
def callback(%{ assigns: %{ ueberauth_auth: auth } } = conn, params) do
params = build_params(auth)
user = find_or_create_user params
conn = put_session(conn, :current_user, user)
IO.inspect conn.resp_headers
IO.inspect get_session(conn, :current_user)
render conn, "index.html"
#Helpers.redirect!(conn, "/")
end
def build_params(auth) do
%{email: auth.info.email, github_token: auth.credentials.token, github_user: auth.info.nickname}
end
def find_or_create_user(params) do
case DBRepo.get_by(User, email: params.email) do
nil ->
User.changeset(%User{}, params)
|> DBRepo.insert
results ->
results
end
end
個IO.inspect conn.resp_headers
回報
[{"cache-control", "max-age=0, private, must-revalidate"}, {"x-request-id", "vh8l2deodne1k2iloa4c3e4qdpmh857n"}, {"x-frame-options", "SAMEORIGIN"}, {"x-xss-protection", "1; mode=block"}, {"x-content-type-options", "nosniff"}]
IO.inspect get_session(conn, :current_user)
預期
凡'create_session'定義?它必須返回一個conn,在這種情況下,您應該將它分配回去('conn = case find_user(...)do ... end'),因爲Elixir結構是不可變的。 – Dogbert
Cookie是否存在於發送給瀏覽器的實際響應中? Plug.Session在實際發送響應之前(使用'register_before_send')設置實際的會話cookie,因此它不會出現在'conn.resp_headers'中,但是如果您發出真正的請求,它應該在那裏。 – Dogbert
好的我想通了,我看不到cookie,因爲它是httpOnly:真的感謝您的幫助。 你想對所有這些信息做出回答,並將其標記爲回答:) – Billybonks