search

Kong / insomnia

The open-source, cross-platform API client for GraphQL, REST, WebSockets, SSE and gRPC. With Cloud, Local and Git storage.
https://insomnia.rest
Apache License 2.0
34.69k stars 1.97k forks source link

[Bug] Cookie value depends on login request that fails due to no cookie value #1689

Open MarkoSulamagi opened 5 years ago

MarkoSulamagi commented 5 years ago

Simple issue. I have 2 chained requests

  1. POST /login
  2. GET /whatever

From POST /login I receive a token that is set as cookie value for authentication (using response body attribute). The problem is that when requesting /login the first time (when no history exists) then IDE gives an error that the request cookie value (authentication token) can't be read (because /login has never been requested).

So I'm unable to request the endpoint that should fill the cookie value.

The error

image

Things tested:

  1. Disabling "Send cookies automatically" for login request doesn't remove the problem
  2. Removing the cookie, making /login request and setting the cookie back will do the job. But obviously it's not a good solution.
welcome[bot] commented 5 years ago

👋 Thanks for opening your first issue! If you're reporting a 🐞 bug, please make sure you include steps to reproduce it. If you're requesting a feature 🎁, please provide real use cases that would benefit. 👪

To help make this a smooth process, please be sure you have first read the contributing guidelines.

MarkoSulamagi commented 5 years ago

Any thoughts on ths?

MarkoSulamagi commented 4 years ago

Still a problem cc @gschier

gschier commented 4 years ago

I'm not understanding what you are trying to do. Can you provide full requests as an example? Screenshots are fine

MarkoSulamagi commented 4 years ago

I have a REST API that authenticates requests via Cookie (not custom HTTP Header). There are 2 requests: POST /sessions - returns a session_id that should be set to cookie GET /sessions - retrieves the session object based on session_id (session_id is sent to server via cookie).

Problem is that if POST /sessions hasn't been called before then the cookie response value is invalid

Cookie value response image

Cookie configuration: If POST /sessions has never been called (history is empty) then it shows that cookie value "Response" is invalid and I'm not able to do POST /sessions, because it says cookie value is invalid (the screenshot in the original post) image

If I remove the cookie, call POST /sessions and then re-apply the cookie then it shows a valid "Response" as value and both POST and GET /sessions work as expected image

I hope this helps understand the issue :)

stale[bot] commented 3 years ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.