Closed tillyr-cube48 closed 3 years ago
How are you sending your cookie?.
I am also facing same issue, I am using postman to test the api, /auth route is working fine but with other route's I am facing same redirection issue and getting odoo login page as response.
Please find below postman request and Odoo logs
PostmanRequest
Odoo-Logs
2020-12-03 10:07:50,550 1 DEBUG pls odoo.modules.registry: Multiprocess signaling check: [Registry - 2 -> 2] [Cache - 18 -> 18] 2020-12-03 10:07:50,566 1 INFO pls werkzeug: 172.27.0.1 - - [03/Dec/2020 10:07:50] "GET /api/res.users HTTP/1.1" 302 - 1 0.001 0.018 2020-12-03 10:07:50,582 1 DEBUG pls odoo.modules.registry: Multiprocess signaling check: [Registry - 2 -> 2] [Cache - 18 -> 18] 2020-12-03 10:07:50,601 1 INFO pls werkzeug: 172.27.0.1 - - [03/Dec/2020 10:07:50] "GET /web/login?redirect=http%3A%2F%2Flocalhost%3A8069%2Fapi%2Fres.users HTTP/1.1" 200 - 4 0.003 0.018
Just to add more I am using postaman intercepter for sending cookies & working with odoo14
because nested a web/session/authenticate/
call inside /auth
, this is wrong for Odoo, there is 2 different sessions, each one is auth =none
, and/auth
return the wrong one that has not be authenticated.
BTW. auth= none
should set uid = none in session, means the user in session has not login.
there have 2 solution,
1, dont use /auth
, use /web/session/authenticate
instead
2, rewrite /auth
, call odoo internal call http.request.session.authenticate
directly
good lucks.
Hi,
Thanks for your module this makes our work very simpler. I am working in Odoo 13
As mentioned, due to security purpose I sent the session_id in cookies but instead of returning the results I get Odoo Login page as the response (302 error - Redirection) for GET and DELETE Methods and Odoo session expired response for POST
could you please guide me on this issue?