我不明白某些东西或遗漏了我认为的东西。 我有一个LoginPage授权用户(这是Angularjs 1.5) 作为后端我有斯卡拉/播放的是验证用户和pwd应用 所以现在我的问题是,在登录服务都得到精细Angularjs在标题中没有标记
var token = $cookies["XSRF-TOKEN"];
if (token) {
$http.get('http://localhost:9000/ping')
.then(
function (response) {
return $http.get("http://localhost:9000/users/" + response.data.userId)
}, function (response) {
token = undefined;
$cookies["XSRF-TOKEN"] = undefined;
return $q.reject("Token invalid");
}
).then(
function (response) {
console.log(response.data);
}, function (response) {
console.log("error");
}
);
}
$http.post('http://localhost:9000/login', user)
.then(function (response) {
token = response.data.authToken;
console.log(token);
var userId = response.data.userId;
return $http.get('http://localhost:9000/users/' + userId)
}, function (response) {
console.log(response.data.err);
// return 'empty' promise so the right `then` function is called
return $q.reject("Login failed");
}).then(
function (response) {
console.log(response);
}
)
}
罚款但在接下来的情况下,我发送一个GET请求到API,并且想要检查XSRF Cookie,但没有cookie被发送。
这里是安全特质在斯卡拉 -
def HasToken[A](p: BodyParser[A] = parse.anyContent)(f: String => Long => Request[A] => Result): Action[A] =
Action(p) { implicit request =>
val maybeToken = request.headers.get(AuthTokenHeader).orElse(request.getQueryString(AuthTokenUrlKey))
maybeToken flatMap { token =>
cache.get[Long](token) map { userid =>
f(token)(userid)(request)
}
} getOrElse Unauthorized(Json.obj("err" -> "No Token"))
}
所以现在我的问题是 - 哪里是头令牌?
更新: 这里是我的app.js
'use strict';
function testInterceptor($rootScope, $q, $timeout) {
return function(promise) {
return promise.then(
function(response) {
return response;
},
function(response) {
if (response.status == 401) {
$rootScope.$broadcast("InvalidToken");
$rootScope.sessionExpired = true;
$timeout(function() {$rootScope.sessionExpired = false;}, 5000);
} else if (response.status == 403) {
$rootScope.$broadcast("InsufficientPrivileges");
} else {
// Here you could handle other status codes, e.g. retry a 404
}
return $q.reject(response);
}
);
};
}
var app=angular.module('telephone', ['ngRoute', 'ngCookies']);
app.factory('testInterceptor', testInterceptor);
app.config(["$httpProvider", "$routeProvider",function ($httpProvider, $routeProvider) {
$httpProvider.interceptors.push('testInterceptor');
$routeProvider.when('/login', {templateUrl: '../partials/login.html', controller: 'loginController'});
$routeProvider.otherwise({redirectTo: '/login'});
}]);
是您的角度应用在localhost域上运行,或者如何在浏览器中访问它?由于它们必须匹配,所以otherwiser angular/javascript将不会看到一个cookie, – Zyga
都在本地主机上运行(angularjs localhost:8000,scala Backend localhost:9000) – tbere