问题描述
如何使用 postman 测试需要身份验证的 odoo 14.0 控制器方法?
我曾经有一个简单的身份验证请求:
网址:http://localhost:8014/web/session/authenticate
方法:GET
标题:Content-Type: application/json
正文:
{
"jsonrpc": "2.0","params": {
"db": "v14pos","login": "admin","password": "admin"
}
}
发送身份验证请求后,postman 会设置 session_id cookie,它会起作用。
但是在 14.0 中,即使设置了 session_id cookie,在尝试调用需要身份验证的 URL 时,我也会收到以下错误:
{
"jsonrpc": "2.0","id": null,"error": {
"code": 200,"message": "odoo Server Error","data": {
"name": "odoo.exceptions.AccessDenied","debug": "Traceback (most recent call last):\n File \"/home/obi/src/vs/odoo14/addons/http_routing/models/ir_http.py\",line 450,in _dispatch\n cls._authenticate(func)\n File \"/home/obi/src/vs/odoo14/odoo/addons/base/models/ir_http.py\",line 132,in _authenticate\n raise AccessDenied()\nException\n\nThe above exception was the direct cause of the following exception:\n\nTraceback (most recent call last):\n File \"/home/obi/src/vs/odoo14/odoo/http.py\",line 639,in _handle_exception\n return super(JsonRequest,self)._handle_exception(exception)\n File \"/home/obi/src/vs/odoo14/odoo/http.py\",line 315,in _handle_exception\n raise exception.with_traceback(None) from new_cause\nodoo.exceptions.AccessDenied: Access Denied\n","message": "Access Denied","arguments": [
"Access Denied"
],"context": {}
}
}
}
这适用于版本 11.0。
我注意到 14.0 中的 HTTP 标头以不同的方式包含 cookie:
Cookie: TWISTED_SESSION=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VyX2luZm8iOnsiYW5vbnltb3VzIjp0cnVlfSwiZXhwIjoxNjAzNjM0NDM5fQ.pJs2oOjQYOQrFnolafUlNZ4Bg4OMJ_itRaZPEUoaLeE; frontend_lang=en_US; filetoken=dummy-because-api-expects-one; tz=Africa/Khartoum; session_id=d36df662e749f368c32dcbecc07bf578dd57de8a
什么是TWISTED_SESSOIN?是它造成的问题吗?
解决方法
我找到了解决方案,或者说是问题所在。
我在控制器方法中为 auth 设置了错误的值,它是:
@http.route('/route/',auth='auth',type='json')
并将其更改为:
@http.route('/route/',auth='user',type='json')