问题
I am currently using Postman to test my REST API. I've built it using Ruby-On-Rails, and using devise_token_auth to manage users sessions. After a successful log in, my API is rendering a client, an access-token, a token-type(BEARER) and an Uid. These elements are needed for every request that requires the user to be logged in and have to be sent on the header.
Let's say I am creating an article using a POST. The first POST succeeds and creates the article but when I try to create another article, I get :
{
"errors": [
"Authorized users only."
]
}
I suspect either Postman is behaving as a different client after each request, or my API is creating an access-token for the user after each request.
回答1:
I finally managed to fix the issue:
According to devise_token_auth gem documentation, the access-token changes each time the client queries the API. Thus, I had to update the access-token, on my headers, whenever I wanted to send a request to my API.
To prevent the access-token from being changed after each request, add the following line to confing/initializers/devise_token_auth.rb:
config.change_headers_on_each_request = false
回答2:
I added an answer to this linked question that applies to this question also. Using Tests and Pre-Requests scripts you can have Postman automatically save and update the token after each request.
This lets you use Postman without having to set config.change_headers_on_each_request = false inside your Rails app.
来源:https://stackoverflow.com/questions/36007544/rest-api-testing-postman-behaving-as-different-client-after-each-request