经过大量的头撞和大量的时间浪费后,我了解到,如果我curl用来测试将令牌存储到 cookie 中,如flask_jwt_extended 网站上所示
cookie 没有被设置,但如果我在浏览器中使用 RESTClient,cookie 会被设置。
我试过这个卷曲:curl -H "Content-Type: application/json" -X POST -d '{"username":"test","password":"test"}' http://localhost:5000/token/auth
使用flash_jwt_extended 示例,如果您设置详细模式-v,您可以看到 cookie 已设置:
* upload completely sent off: 37 out of 37 bytes
* HTTP 1.0, assume close after body
< HTTP/1.0 200 OK
< Content-Type: application/json
< Content-Length: 15
< Set-Cookie: access_token_cookie=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiIwZjM4Zjg5NC1hNzRmLTQ5NTMtODYwOC1mOTdmNzhmNDIyMWMiLCJleHAiOjE1NDA2MDA4MDEsImZyZXNoIjpmYWxzZSwiaWF0IjoxNTQwNTk5OTAxLCJ0eXBlIjoiYWNjZXNzIiwibmJmIjoxNTQwNTk5OTAxLCJpZGVudGl0eSI6InRlc3QifQ.D-ZGU2Bglb0N1h02yTeV3NBuWjlx7FB0UNG5mkukrHA; HttpOnly; Path=/api/
< Set-Cookie: refresh_token_cookie=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJkYTcyZjcyYS00MTU2LTRlYWYtOWEwZC03ODZjMTQ3ZWZjZTUiLCJleHAiOjE1NDMxOTE5MDEsImlhdCI6MTU0MDU5OTkwMSwidHlwZSI6InJlZnJlc2giLCJuYmYiOjE1NDA1OTk5MDEsImlkZW50aXR5IjoidGVzdCJ9.Lhla3ZwhY4vHgOFhmjBxPKnEmi1uoh-WXIwTWj_ibwI; HttpOnly; Path=/token/refresh
< Server: Werkzeug/0.14.1 Python/2.7.13
< Date: Sat, 27 Oct 2018 00:25:01 GMT
<
{"login":true}
* Closing connection 0
如果要在多个curl命令之间保留 cookie,请使用-c cookie.txt将 cookie 存储在文件cookie.txt中并在其他curl命令中使用-b cookie.txt来加载它们:
curl -H "Content-Type: application/json" \
-d '{"username":"test","password":"test"}' \
"http://localhost:5000/token/auth" -c cookie.txt
curl "http://localhost:5000/api/example" -b cookie.txt