I use Weixin’s applet to log in to erpnext through the api. After successful login, I access api/resource/doctype and get the result “You do not have enough permissions to complete the action”. I add cookie information to the header, but the second API accesses the result cookie sid = Guest. The code is as follows:
wx.request({
url: 'https://www.***.com/api/method/login?usr=Administrator&pwd=f55b49c5dd43add21794ab10',
method: 'GET',
success: function(res) {
console.log(res);
if (res && res.header && res.header['Set-Cookie']) {
//successful login,
// wx.setStorageSync('cookie_Key', res.header['Set-Cookie'].split("sid=")[1].split("; Expires=")[0]); //get sid
wx.setStorageSync('cookie_Key', res.cookies); //get cookie
wx.setStorageSync('cookie_token', res.data['csrf_token']); //get token
}
let cookie = wx.getStorageSync('cookie_Key');
let token = wx.getStorageSync('cookie_token');
let header = {
'Content-Type': 'application/x-www-form-urlencoded'
};
// let header = { 'Content-Type': 'x-www-form-urlencoded;charset=UTF-8'};
if (cookie) {
header.cookies = cookie;
header['Set-Cookie'] = cookie;
header['X-Frappe-CSRF-Token'] = token;
console.log(header);
}
wx.request({
url: 'https://www.***.com/api/resource/User',
method: "GET",
headers: header,
success: function(res) {
console.log(res);
},
fail: function(err) {
// fail
console.log(err);
}
})
},
fail: function(err) {
// fail
console.log(err);
}
})