New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

无法自定义设置cookie的问题. #37

Closed
yjdwbj opened this Issue Jan 9, 2017 · 11 comments

Comments

Projects
None yet
2 participants
@yjdwbj

yjdwbj commented Jan 9, 2017

大家好, 我这里有一个需求就是,如果一个request 没有带Cookie来访问,我这边的服务器就打上Set-Cookie,他如果带有效的Cookie来访问服务器检查并通过.我下面的这个代码片段,设置不了reponse的Cookie,并且日志报错.我这些代码是fork https://github.com/sumory/openresty-china,并且我用curl 测这个服务,不管request 有没带Cookie请求,这个服务器都会返一个新的Cookie ,新的sessionid .

local ckobj = require "lor.resty.cookie"
[...]
router:get("/getinfo",function(req,res,next)

            res.cookie = ckobj:new()
            local ok,err = res.cookie:set({
               sessionid = get_new_cookie(),
               httponly = true,
               expire = 600,
               Path="/" })
          return res:json({ok=true})

end)
[...]

调试错误如下:

2017/01/09 14:37:05 [error] 1574#0: *493 attempt to set ngx.header.HEADER after sending out response headers, client: 192.168.8.31, server: , request: "GET /iot/v1.0/app/auth/abc/123456/ HTTP/1.1", host: "127.0.0.1:8888"
2017/01/09 14:37:05 [error] 1574#0: *493 attempt to set ngx.header.HEADER after sending out response headers, client: 192.168.8.31, server: , request: "GET /iot/v1.0/app/auth/abc/123456/ HTTP/1.1", host: "127.0.0.1:8888"
2017/01/09 14:37:05 [error] 1574#0: *493 attempt to set ngx.status after sending out response headers, client: 192.168.8.31, server: , request: "GET /iot/v1.0/app/auth/abc/123456/ HTTP/1.1", host: "127.0.0.1:8888"
2017/01/09 14:37:14 [error] 1575#0: *496 [lua] main.lua:19:  package for lor is ./app/lor/lor/index.lua, client: 192.168.8.31, server: , request: "GET /iot/v1.0/app/auth/abc/123456/ HTTP/1.1", host: "127.0.0.1:8888"
2017/01/09 14:37:14 [error] 1575#0: *496 attempt to set ngx.header.HEADER after sending out response headers, client: 192.168.8.31, server: , request: "GET /iot/v1.0/app/auth/abc/123456/ HTTP/1.1", host: "127.0.0.1:8888"
2017/01/09 14:37:14 [error] 1575#0: *496 attempt to set ngx.header.HEADER after sending out response headers, client: 192.168.8.31, server: , request: "GET /iot/v1.0/app/auth/abc/123456/ HTTP/1.1", host: "127.0.0.1:8888"
2017/01/09 14:37:14 [error] 1575#0: *496 attempt to set ngx.status after sending out response headers, client: 192.168.8.31, server: , request: "GET /iot/v1.0/app/auth/abc/123456/ HTTP/1.1", host: "127.0.0.1:8888"
@sumory

This comment has been minimized.

Show comment
Hide comment
@sumory

sumory Jan 9, 2017

Owner

same question about #35

Owner

sumory commented Jan 9, 2017

same question about #35

@sumory

This comment has been minimized.

Show comment
Hide comment
@sumory

sumory Jan 9, 2017

Owner

如果使用的是require "lor.resty.cookie",那么引入的就是lua-resty-cookie这个包,使用方法请参看它的github文档。

建议先不要使用OpenResty-China来测,先单独使用lua-resty-cookie这个包把你需要的场景测试一遍,掌握它的用法后就可以随意移植了。

Owner

sumory commented Jan 9, 2017

如果使用的是require "lor.resty.cookie",那么引入的就是lua-resty-cookie这个包,使用方法请参看它的github文档。

建议先不要使用OpenResty-China来测,先单独使用lua-resty-cookie这个包把你需要的场景测试一遍,掌握它的用法后就可以随意移植了。

@sumory

This comment has been minimized.

Show comment
Hide comment
@sumory

sumory Jan 9, 2017

Owner

我测试的时候写过一个小例子供你参考:

app:get("/cookie", function(req, res, next)
        local test_cookie = req.cookie.get("test_cookie")
        if not test_cookie then
            req.cookie.set("test_cookie", "12345")
            res:send("cookie test, empty cookie[test_cookie]")
        else
            res:send("cookie test, exist cookie[test_cookie]: " .. test_cookie)
        end
end)

第一次访问http://localhost:8888/cookie 时cookie为空,第二次访问时就可以看到已经设置的值了,说明设置成功

Owner

sumory commented Jan 9, 2017

我测试的时候写过一个小例子供你参考:

app:get("/cookie", function(req, res, next)
        local test_cookie = req.cookie.get("test_cookie")
        if not test_cookie then
            req.cookie.set("test_cookie", "12345")
            res:send("cookie test, empty cookie[test_cookie]")
        else
            res:send("cookie test, exist cookie[test_cookie]: " .. test_cookie)
        end
end)

第一次访问http://localhost:8888/cookie 时cookie为空,第二次访问时就可以看到已经设置的值了,说明设置成功

@yjdwbj

This comment has been minimized.

Show comment
Hide comment
@yjdwbj

yjdwbj Jan 9, 2017

@sumory 你这个小例子还是报错的,我这边其实用OpenResty-China这个已经改完了,只是要加一个Cookie识别,我原来是在django上开发,功能全部做出来了,只是它的性能不行,所以才想改到openresty上试试.

 curl -v http://127.0.0.1:8888/iot/v1.0/app/auth/abc/123456/
* Hostname was NOT found in DNS cache
*   Trying 127.0.0.1...
* Connected to 127.0.0.1 (127.0.0.1) port 8888 (#0)
> GET /iot/v1.0/app/auth/abc/123456/ HTTP/1.1
> User-Agent: curl/7.38.0
> Host: 127.0.0.1:8888
> Accept: */*
> 
< HTTP/1.1 200 OK
* Server openresty/1.11.2.1 is not blacklisted
< Server: openresty/1.11.2.1
< Date: Mon, 09 Jan 2017 09:50:26 GMT
< Content-Type: text/plain; charset=utf8
< Transfer-Encoding: chunked
< Connection: keep-alive
< Set-Cookie: session=ZGg3cbYCkgtmt6nMLfb7SA..|1483959026|2ssKGc2jV5xVQaLSCkt4_Q..|qOeWVsBM_1tLQwu4aWNTGphuLNU.; Expires=Mon, 09 Jan 2017 10:50:26 GMT; Max-Age=3600; Path=/; SameSite=Lax; HttpOnly
< X-Powered-By: Lor Framework
< 
 get data nil
debug  print table: 0x414901e0
 key: host value: string
 key: accept value: string
 key: user-agent value: string
{"srvs":"127.0.0.10:1883","uuid":"f1852fcde4294f8c917522a12ec25fd1","time":"1483955426","sign":"1B909F6175F3A7785FE44BDA599CD66E21D4B932","expire":600,"ok":true}
{"msg":"用户不存在","ok":false,"err":"UserNotExists"}
* Connection #0 to host 127.0.0.1 left intact

yjdwbj commented Jan 9, 2017

@sumory 你这个小例子还是报错的,我这边其实用OpenResty-China这个已经改完了,只是要加一个Cookie识别,我原来是在django上开发,功能全部做出来了,只是它的性能不行,所以才想改到openresty上试试.

 curl -v http://127.0.0.1:8888/iot/v1.0/app/auth/abc/123456/
* Hostname was NOT found in DNS cache
*   Trying 127.0.0.1...
* Connected to 127.0.0.1 (127.0.0.1) port 8888 (#0)
> GET /iot/v1.0/app/auth/abc/123456/ HTTP/1.1
> User-Agent: curl/7.38.0
> Host: 127.0.0.1:8888
> Accept: */*
> 
< HTTP/1.1 200 OK
* Server openresty/1.11.2.1 is not blacklisted
< Server: openresty/1.11.2.1
< Date: Mon, 09 Jan 2017 09:50:26 GMT
< Content-Type: text/plain; charset=utf8
< Transfer-Encoding: chunked
< Connection: keep-alive
< Set-Cookie: session=ZGg3cbYCkgtmt6nMLfb7SA..|1483959026|2ssKGc2jV5xVQaLSCkt4_Q..|qOeWVsBM_1tLQwu4aWNTGphuLNU.; Expires=Mon, 09 Jan 2017 10:50:26 GMT; Max-Age=3600; Path=/; SameSite=Lax; HttpOnly
< X-Powered-By: Lor Framework
< 
 get data nil
debug  print table: 0x414901e0
 key: host value: string
 key: accept value: string
 key: user-agent value: string
{"srvs":"127.0.0.10:1883","uuid":"f1852fcde4294f8c917522a12ec25fd1","time":"1483955426","sign":"1B909F6175F3A7785FE44BDA599CD66E21D4B932","expire":600,"ok":true}
{"msg":"用户不存在","ok":false,"err":"UserNotExists"}
* Connection #0 to host 127.0.0.1 left intact
@yjdwbj

This comment has been minimized.

Show comment
Hide comment
@yjdwbj

yjdwbj Jan 9, 2017

@sumory 对于这个cookie的设置与django区别很大,所以很不明白 lor cookie 的这个功能如何去写,下面是django返回的cookie

 curl -v http://127.0.0.1:8000/iot/v1.0/app/auth/abc/123456/
* Hostname was NOT found in DNS cache
*   Trying 127.0.0.1...
* Connected to 127.0.0.1 (127.0.0.1) port 8000 (#0)
> GET /iot/v1.0/app/auth/abc/123456/ HTTP/1.1
> User-Agent: curl/7.38.0
> Host: 127.0.0.1:8000
> Accept: */*
> 
* HTTP 1.0, assume close after body
< HTTP/1.0 200 OK
< Date: Mon, 09 Jan 2017 09:56:20 GMT
< Server: WSGIServer/0.1 Python/2.7.10
< Vary: Cookie
< X-Frame-Options: SAMEORIGIN
< Content-Type: application/json; charset=utf-8
< Set-Cookie:  sessionid=239hbmw00r0aft9vjqqawfdc7a9xyick; expires=Mon, 09-Jan-2017 10:06:20 GMT; httponly; Max-Age=600; Path=/
< 
* Closing connection 0
{"ok": true, "uuid": "f1852fcde4294f8c917522a12ec25fd1", "sign": "239hbmw00r0aft9vjqqawfdc7a9xyick", "srvs": "127.0.0.1:1883", "expire": 600, "time": "1483955780"}yjdwbj@mint17:~/workspace/openresty-china$ 

yjdwbj commented Jan 9, 2017

@sumory 对于这个cookie的设置与django区别很大,所以很不明白 lor cookie 的这个功能如何去写,下面是django返回的cookie

 curl -v http://127.0.0.1:8000/iot/v1.0/app/auth/abc/123456/
* Hostname was NOT found in DNS cache
*   Trying 127.0.0.1...
* Connected to 127.0.0.1 (127.0.0.1) port 8000 (#0)
> GET /iot/v1.0/app/auth/abc/123456/ HTTP/1.1
> User-Agent: curl/7.38.0
> Host: 127.0.0.1:8000
> Accept: */*
> 
* HTTP 1.0, assume close after body
< HTTP/1.0 200 OK
< Date: Mon, 09 Jan 2017 09:56:20 GMT
< Server: WSGIServer/0.1 Python/2.7.10
< Vary: Cookie
< X-Frame-Options: SAMEORIGIN
< Content-Type: application/json; charset=utf-8
< Set-Cookie:  sessionid=239hbmw00r0aft9vjqqawfdc7a9xyick; expires=Mon, 09-Jan-2017 10:06:20 GMT; httponly; Max-Age=600; Path=/
< 
* Closing connection 0
{"ok": true, "uuid": "f1852fcde4294f8c917522a12ec25fd1", "sign": "239hbmw00r0aft9vjqqawfdc7a9xyick", "srvs": "127.0.0.1:1883", "expire": 600, "time": "1483955780"}yjdwbj@mint17:~/workspace/openresty-china$ 
@sumory

This comment has been minimized.

Show comment
Hide comment
@sumory

sumory Jan 9, 2017

Owner

刚才的例子在lor0.2.6下测试通过,我不清楚你的具体场景上下文,也没有使用过django,你贴出的文本我也看不懂要表达啥意思。我觉得不应该用一种语言一种框架的思维去限定其他语言和框架的使用习惯。anyway! 问题解决了就好。

Owner

sumory commented Jan 9, 2017

刚才的例子在lor0.2.6下测试通过,我不清楚你的具体场景上下文,也没有使用过django,你贴出的文本我也看不懂要表达啥意思。我觉得不应该用一种语言一种框架的思维去限定其他语言和框架的使用习惯。anyway! 问题解决了就好。

@yjdwbj

This comment has been minimized.

Show comment
Hide comment
@yjdwbj

yjdwbj Jan 9, 2017

@sumory 你这个通过是说,你赋值的cookie 是在HTTP返回的文本里面吧.不是HTTP的头部"Cookie"字段吧.
我一直是想要是设置到response的 HTTP头部里面,不是返回的HTTP的文本里面.
Cookie: sessionid=oapb08l2tdielg6c3wgam9tk6tyxryiy; expires=Mon, 09-Jan-2017 11:12:03 GMT; httponly; Max-Age=600; Path=/

yjdwbj commented Jan 9, 2017

@sumory 你这个通过是说,你赋值的cookie 是在HTTP返回的文本里面吧.不是HTTP的头部"Cookie"字段吧.
我一直是想要是设置到response的 HTTP头部里面,不是返回的HTTP的文本里面.
Cookie: sessionid=oapb08l2tdielg6c3wgam9tk6tyxryiy; expires=Mon, 09-Jan-2017 11:12:03 GMT; httponly; Max-Age=600; Path=/

@sumory

This comment has been minimized.

Show comment
Hide comment
@sumory

sumory Jan 9, 2017

Owner

image

文本是我额外打出来给你看的,设置的cookie是在header里啊。

Owner

sumory commented Jan 9, 2017

image

文本是我额外打出来给你看的,设置的cookie是在header里啊。

@yjdwbj

This comment has been minimized.

Show comment
Hide comment
@yjdwbj

yjdwbj Jan 9, 2017

@sumory 这里就有两个Set-Cookie了,能否用下面这个替换上面那一个?谢谢.

yjdwbj commented Jan 9, 2017

@sumory 这里就有两个Set-Cookie了,能否用下面这个替换上面那一个?谢谢.

@sumory

This comment has been minimized.

Show comment
Hide comment
@sumory

sumory Jan 9, 2017

Owner

为啥要替换?客户端 cookie这样是能写进去的,下次请求这个字段就进入新的请求头了。
你如果非得想替换就去研究lua-resty-cookie,实在实现不了你的想法,那重写个也行,没多少代码。

Owner

sumory commented Jan 9, 2017

为啥要替换?客户端 cookie这样是能写进去的,下次请求这个字段就进入新的请求头了。
你如果非得想替换就去研究lua-resty-cookie,实在实现不了你的想法,那重写个也行,没多少代码。

@yjdwbj

This comment has been minimized.

Show comment
Hide comment
@yjdwbj

yjdwbj Jan 10, 2017

@sumory 我看了一下源码,直接res:set_header('Set-Cookie',"blablalba") , 其实是调用ngx.header['Set-Cookie'] = 'blablaba", 谢谢.

yjdwbj commented Jan 10, 2017

@sumory 我看了一下源码,直接res:set_header('Set-Cookie',"blablalba") , 其实是调用ngx.header['Set-Cookie'] = 'blablaba", 谢谢.

@yjdwbj yjdwbj closed this Jan 10, 2017

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment