2017-07-31 101 views
0

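I am trying to use Satellizer 0.15.5 to manage my user authentication. Problem with the authentication token when using Satellizer

I configured Satellizer as follows:

$authProvider.loginUrl = "http://localhost:8080/login/";
$authProvider.tokenName = "Authorization";
$authProvider.tokenPrefix = "myApp";

And in my controller, I have: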

$auth.login({
        userName: $scope.user,
        userPassword: $scope.password
    })
    .then(function(){
        $location.path("/");
        ngDialog.close();
    })
    .catch(function(response){
        // Something went wrong
    });

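It makes the request correctly; in fact, I get the headers I am expecting and I get my authorization token, but it is not sent in the following requests.

These are the only headers I receive on my server: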

Header: Origin 
Header: Cache-Control 
Header: Accept 
Header: Connection 
Header: User-Agent 
Header: Referer 
Header: Host 
Header: Pragma 
Header: Accept-Encoding 
Header: Accept-Language 

And I don't set any headers anywhere else in the code... Am I missing some configuration, or what is going wrong?

Edit: I am using Angular 1.6.4, so it is not a version incompatibility issue.
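Added example, not part of the original post: a simplified model of how the token gets from the login response to later requests. It assumes Satellizer reads the token from the JSON body of the login response under `tokenName`, stores it under `tokenPrefix + '_' + tokenName`, and sends it as `tokenHeader: tokenType token`; the helper names and sample responses are constructed for illustration.

```javascript
// Simplified model (an assumption, not Satellizer's source code) of how the
// token travels from the login response to later requests.
const config = {
  tokenRoot: null,
  tokenName: 'Authorization',   // from the question
  tokenPrefix: 'myApp',         // from the question
  tokenHeader: 'Authorization', // assumed library default
  tokenType: 'Bearer',          // assumed library default
};

// Key under which the token is kept in browser storage.
const storageKey = (cfg) =>
  cfg.tokenPrefix ? cfg.tokenPrefix + '_' + cfg.tokenName : cfg.tokenName;

// Step 1: after login, the token is looked up in the JSON body only;
// response headers are never consulted.
function extractToken(cfg, response) {
  const body = response.data || {};
  const root = cfg.tokenRoot
    ? cfg.tokenRoot.split('.').reduce((o, k) => (o || {})[k], body)
    : body;
  return (root && root[cfg.tokenName]) || null;
}

// Step 2: store the token if one was found.
function handleLogin(cfg, storage, response) {
  const token = extractToken(cfg, response);
  if (token) storage.set(storageKey(cfg), token);
  return token !== null;
}

// Step 3: the request interceptor adds the header only when a token is stored.
function interceptRequest(cfg, storage, request) {
  const token = storage.get(storageKey(cfg));
  if (token) request.headers[cfg.tokenHeader] = cfg.tokenType + ' ' + token;
  return request;
}

// Constructed login responses: token only in a response header vs. in the body.
const headerOnly = { headers: { Authorization: 'abc.def.ghi' }, data: { user: 'alice' } };
const inBody = { headers: {}, data: { Authorization: 'abc.def.ghi' } };

// Returns the headers a follow-up request would carry after the given login.
function simulate(response) {
  const storage = new Map(); // stands in for localStorage
  handleLogin(config, storage, response);
  return interceptRequest(config, storage, { url: '/api/items', headers: {} }).headers;
}
```

If the model holds, the browser's localStorage should contain a `myApp_Authorization` entry after login; if it is absent, the token was never picked up from the response.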

Answers

0

This is what I have in my project:

function getApiPath() {
    var apiPath = '/api.php/';
    return apiPath;
}

var apiPath = getApiPath();

$authProvider.httpInterceptor = false; // Add Authorization header to HTTP request
$authProvider.loginOnSignup = true;
$authProvider.loginRedirect = '/';
//$authProvider.logoutRedirect = '/';
$authProvider.signupRedirect = '#/login';
$authProvider.loginUrl = apiPath + 'login';
$authProvider.signupUrl = apiPath + 'signup';
$authProvider.loginRoute = '#/login';
$authProvider.signupRoute = '#/signup';
$authProvider.tokenRoot = false;
$authProvider.tokenName = 'token';
$authProvider.tokenPrefix = 'MyCompany_' + window.location.host;
$authProvider.unlinkUrl = '#/unlink/';
$authProvider.unlinkMethod = 'get';
$authProvider.authHeader = 'Authorization';
$authProvider.withCredentials = true;

Hope it will help you.


Because of cross-domain issues, I send requests to api.php, which is located in my client project and looks like this:

<?php 

$CORS_approved_array = array('Google Calendar Gadget'); 

// && isset($_SERVER['HTTP_X_REQUESTED_WITH']) && in_array($_SERVER['HTTP_X_REQUESTED_WITH'], $CORS_approved_array) 
if (isset($_SERVER['HTTP_ORIGIN'])) { 
    header('Access-Control-Allow-Origin: '.$_SERVER['HTTP_ORIGIN']); 
    header('Access-Control-Allow-Methods: POST'); 
    header("Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization"); 
    header('Access-Control-Allow-Credentials: true'); 
} 

date_default_timezone_set('GMT'); 

$protocol = 'https://'; 

$client_host = isset($_SERVER["HTTP_HOST"]) ? $_SERVER["HTTP_HOST"] : 'localhost'; 
if (strpos($client_host, 'www') !== FALSE) { 
    $client_host = substr($client_host, 4); 
} 


if (FALSE !== strpos($client_host, 'local_src')) { 
    $RemotePageURL = 'https://local-api.mycomp.me/index.php/api_client'; 
} 
else if (FALSE !== strpos($client_host, 'localsrc')) { 
    $RemotePageURL = 'https://local-api.mycomp.me/index.php/api_client'; 
} 
else if (FALSE !== strpos($client_host, 'local')) { 
    $RemotePageURL = 'http://local-api.mycomp.me/index.php/api_client'; 
} 
else if (FALSE !== strpos($client_host, 'staging')) { 
    $RemotePageURL = $protocol.'staging-api.mycomp.me/app'; 
} 
else if (FALSE !== strpos($client_host, 'dev')) { 
    $RemotePageURL = $protocol.'dev-api.mycomp.me/app'; 
} 
else { 
    $RemotePageURL = $protocol.'api.mycomp.me/app'; 
} 

$RemotePageURL .= substr($_SERVER['REQUEST_URI'], strlen($_SERVER['SCRIPT_NAME'])); 


mb_internal_encoding('UTF-8'); 

$options = array(
    CURLOPT_RETURNTRANSFER => true, 
    CURLOPT_HEADER   => false, 
    CURLOPT_CONNECTTIMEOUT => 120, 
    CURLOPT_TIMEOUT  => 120, 
    CURLOPT_FOLLOWLOCATION => true, 
    CURLOPT_MAXREDIRS  => 10, 
    CURLOPT_AUTOREFERER => true, 
    CURLOPT_USERAGENT  => $_SERVER['HTTP_USER_AGENT'], 
    CURLOPT_VERBOSE  => false, 
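    CURLOPT_SSL_VERIFYHOST => 2,    // check that the certificate matches the upstream host name
    CURLOPT_SSL_VERIFYPEER => true  // verify the upstream certificate chain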
); 

if(isset($_SERVER['HTTP_REFERER'])) { 
    $options[CURLOPT_REFERER] = $_SERVER['HTTP_REFERER']; 
} 

$post_data_json = file_get_contents("php://input"); 
if (count($_COOKIE) && isset($_COOKIE['external_api'])) { 
    if (strpos($RemotePageURL, '_register')) { 
     $post_data_array = array(); 
     if (!empty($post_data_json)) { 
      $post_data_array = json_decode($post_data_json, true); 
     } 

     $external_api_array = json_decode($_COOKIE['external_api'], true); 
     if (count($external_api_array)) { 
      foreach ($external_api_array as $key => $value) { 
       $post_data_array[$key] = $value; 
      } 
     } 

     $post_data_json = json_encode($post_data_array); 
    } 
    // expire cookie 
    setcookie('external_api', '', time() - 3600); 
} 

if ($post_data_json) { 
    $options[CURLOPT_POST] = 1; 
    $options[CURLOPT_POSTFIELDS] = $post_data_json; 
    $options[CURLOPT_HTTPHEADER] = array (
     'Content-Type: application/json', 
     'Content-Length: ' . strlen($post_data_json) 
    ); 
} 

$ch = curl_init($RemotePageURL); 
curl_setopt_array($ch,$options); 
$response = curl_exec($ch); 

$httpCode = curl_getinfo($ch, CURLINFO_HTTP_CODE); 

if ($httpCode != 200){ 
    http_response_code($httpCode); 
} 
else { 
    $vars_array = json_decode($response, true); 
    if (isset($vars_array['data']['session_array']) && count($vars_array['data']['session_array'])) { 
     $session_array = $vars_array['data']['session_array']; 
     unset($vars_array['data']['session_array']); 

     // create cookie with ttl for a day (in case client clock is not tuned well) 
     setcookie('external_api', json_encode($session_array), time() + 86400); 

     $response = json_encode($vars_array); 
    } 

    header('Content-Type: application/json'); 
    echo $response; 
} 

curl_close($ch); 
+0

After the change, same result for me, it still doesn't work. – Manu

+0

@Manu I gave you a client-side + server-side example. If it still doesn't work, try digging into other areas. I use "satellizer": "~0.9.3", –