Odoo 14 的 Postman 身份验证
Postman authentication for Odoo 14
如何使用postman测试需要身份验证的odoo 14.0控制器方法?
我曾经有一个简单的身份验证请求:
url: http://localhost:8014/web/session/authenticate
方法:GET
headers: Content-Type: application/json
body:
{
"jsonrpc": "2.0",
"params": {
"db": "v14pos",
"login": "admin",
"password": "admin"
}
}
发送身份验证请求后,postman 将设置 session_id cookie,它将起作用。
但是在 14.0 中,即使设置了 session_id cookie,我在尝试调用需要身份验证的 url 时收到以下错误:
{
"jsonrpc": "2.0",
"id": null,
"error": {
"code": 200,
"message": "Odoo Server Error",
"data": {
"name": "odoo.exceptions.AccessDenied",
"debug": "Traceback (most recent call last):\n File \"/home/obi/src/vs/odoo14/addons/http_routing/models/ir_http.py\", line 450, in _dispatch\n cls._authenticate(func)\n File \"/home/obi/src/vs/odoo14/odoo/addons/base/models/ir_http.py\", line 132, in _authenticate\n raise AccessDenied()\nException\n\nThe above exception was the direct cause of the following exception:\n\nTraceback (most recent call last):\n File \"/home/obi/src/vs/odoo14/odoo/http.py\", line 639, in _handle_exception\n return super(JsonRequest, self)._handle_exception(exception)\n File \"/home/obi/src/vs/odoo14/odoo/http.py\", line 315, in _handle_exception\n raise exception.with_traceback(None) from new_cause\nodoo.exceptions.AccessDenied: Access Denied\n",
"message": "Access Denied",
"arguments": [
"Access Denied"
],
"context": {}
}
}
}
这适用于版本 11.0。
我注意到 14.0 中的 HTTP header 以不同的方式包含 cookie:
Cookie: TWISTED_SESSION=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VyX2luZm8iOnsiYW5vbnltb3VzIjp0cnVlfSwiZXhwIjoxNjAzNjM0NDM5fQ.pJs2oOjQYOQrFnolafUlNZ4Bg4OMJ_itRaZPEUoaLeE; frontend_lang=en_US; fileToken=dummy-because-api-expects-one; tz=Africa/Khartoum; session_id=d36df662e749f368c32dcbecc07bf578dd57de8a
什么是TWISTED_SESSOIN?是它导致了问题吗?
我找到了解决方案,或者说是问题所在。
我在控制器方法中为 auth 设置了错误的值,它是:
@http.route('/route/', auth='auth', type='json')
并将其更改为:
@http.route('/route/', auth='user', type='json')
如何使用postman测试需要身份验证的odoo 14.0控制器方法?
我曾经有一个简单的身份验证请求:
url: http://localhost:8014/web/session/authenticate
方法:GET
headers: Content-Type: application/json
body:
{
"jsonrpc": "2.0",
"params": {
"db": "v14pos",
"login": "admin",
"password": "admin"
}
}
发送身份验证请求后,postman 将设置 session_id cookie,它将起作用。
但是在 14.0 中,即使设置了 session_id cookie,我在尝试调用需要身份验证的 url 时收到以下错误:
{
"jsonrpc": "2.0",
"id": null,
"error": {
"code": 200,
"message": "Odoo Server Error",
"data": {
"name": "odoo.exceptions.AccessDenied",
"debug": "Traceback (most recent call last):\n File \"/home/obi/src/vs/odoo14/addons/http_routing/models/ir_http.py\", line 450, in _dispatch\n cls._authenticate(func)\n File \"/home/obi/src/vs/odoo14/odoo/addons/base/models/ir_http.py\", line 132, in _authenticate\n raise AccessDenied()\nException\n\nThe above exception was the direct cause of the following exception:\n\nTraceback (most recent call last):\n File \"/home/obi/src/vs/odoo14/odoo/http.py\", line 639, in _handle_exception\n return super(JsonRequest, self)._handle_exception(exception)\n File \"/home/obi/src/vs/odoo14/odoo/http.py\", line 315, in _handle_exception\n raise exception.with_traceback(None) from new_cause\nodoo.exceptions.AccessDenied: Access Denied\n",
"message": "Access Denied",
"arguments": [
"Access Denied"
],
"context": {}
}
}
}
这适用于版本 11.0。
我注意到 14.0 中的 HTTP header 以不同的方式包含 cookie:
Cookie: TWISTED_SESSION=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VyX2luZm8iOnsiYW5vbnltb3VzIjp0cnVlfSwiZXhwIjoxNjAzNjM0NDM5fQ.pJs2oOjQYOQrFnolafUlNZ4Bg4OMJ_itRaZPEUoaLeE; frontend_lang=en_US; fileToken=dummy-because-api-expects-one; tz=Africa/Khartoum; session_id=d36df662e749f368c32dcbecc07bf578dd57de8a
什么是TWISTED_SESSOIN?是它导致了问题吗?
我找到了解决方案,或者说是问题所在。
我在控制器方法中为 auth 设置了错误的值,它是:
@http.route('/route/', auth='auth', type='json')
并将其更改为:
@http.route('/route/', auth='user', type='json')