Retrofit, do I need to use expire/max-age?

A

Alexander Popov2015-09-23 13:04:09

Android

Alexander Popov, 2015-09-23 13:04:09

Good afternoon, there is a rest service, I use Retofit to work with it, when I log in, I get a cookie in response.
then I use this cookie to get information from the service.
I get it like this:

String cookie = service.atuhorize(...).execute().raw().header("Set-Cookie");

She looks like this:

JSESSIONID=<тут куча букв>; path=/iapp; Max-Age=31536000; Expires=Thu, 22-Sep-2016 10:04:15 GMT

I use this cookie like this:

@Headers({"Content-Type: application/json"})
@GET("iapp/getCurrentUser")
Call<Profile> getCurrentUser(@Header("Set-Cookie") String cookieA);

But the service considers me not authorized, hence the questions:
1) Am I setting the header correctly - do I need "Set-Cookie"?
2) Do I need to set max-age/expire for cookies, and if so, how?
p.s. Thanks in advance!

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

D

Dante Faustoff, 2015-09-23
@Chuffey

Only JSESSIONID (exactly that bunch of characters) is enough,
max-age seems to indicate the lifespan of cookies on the server side, but Expires, apparently, is the date the session was created.