我想用 ROR 中的设计进行 JSON 身份验证。我设法配置设计以响应 Json。但我不知道下一步如何进行。
- 据我了解,登录时,我需要从服务器获取会话 cookie。
- 登录后,我需要在后续请求中设置cookie。
我用 curl 做了实验。登录时似乎可以正常工作,但我不知道如何进行第 2 步。
步骤1:
curl -i -c cookie.txt --data "user[email]=aaa@hotmail.com&user[password]=bbb"
http://localhost:3000/users/sign_in.json
来自服务器的响应头
HTTP/1.1 201 Created
Location: http://192.168.1.103:3000/
Content-Type: application/json; charset=utf-8
X-Ua-Compatible: IE=Edge
Etag: "efb27857c1aa52e3ef8699ac6d4325fd"
Cache-Control: max-age=0, private, must-revalidate
X-Request-Id: 72d7e6b762a1fafc8b70a7b15eebd367
X-Runtime: 0.218202
Server: WEBrick/1.3.1 (Ruby/1.9.3/2012-11-10)
Date: Sun, 05 May 2013 16:29:06 GMT
Content-Length: 135
Connection: Keep-Alive
Set-Cookie: _maimai-server_session=BAh7BkkiD3Nlc3Npb25faWQGOgZFRkkiJWE2YjNjYjA0ZDRjYWQzN2E5YTk5ZjBmNDY4YmZjZjY0BjsAVA%3D%3D--7226b646ae2de757c186a7edb37330911aa515be; path=/; HttpOnly
第2步
curl -b cookie.txt http://192.168.1.104:3000/user/show
要求
* About to connect() to 192.168.1.103 port 3000 (#0)
* Trying 192.168.1.103... connected
GET /user/show.json HTTP/1.1
User-Agent: curl/7.22.0 (x86_64-pc-linux-gnu) libcurl/7.22.0 OpenSSL/1.0.1 zlib/1.2.3.4 libidn/1.23 librtmp/2.3
Host: 192.168.1.103:3000
Accept: */*
Cookie: _maimai-server_session=BAh7BkkiD3Nlc3Npb25faWQGOgZFRkkiJTQyYmRmMjMyMTk2ZTQwZTJhZDAyNDQ2MTIzNjE2ZWE2BjsAVA%3D%3D--1a42624990446713398d6efbbf5836048bb4dbd6
回复
HTTP/1.1 401 Unauthorized
Content-Type: application/json; charset=utf-8
X-Ua-Compatible: IE=Edge
Cache-Control: no-cache
X-Request-Id: 7836df1c4a1cd570923a3d0f0743b058
X-Runtime: 0.002917
Server: WEBrick/1.3.1 (Ruby/1.9.3/2012-11-10)
Date: Sun, 05 May 2013 16:57:52 GMT
Content-Length: 61
Connection: Keep-Alive
Connection #0 to host 192.168.1.103 left intact
Closing connection #0
{"error":"You need to sign in or sign up before continuing."}