Authentication Couchdb\u会话POST未从Angular 7应用程序返回Chrome中的set cookie头_Authentication_Post_Cookies_Couchdb_Angular7

Authentication Couchdb\u会话POST未从Angular 7应用程序返回Chrome中的set cookie头

authentication post cookies couchdb

Authentication Couchdb\u会话POST未从Angular 7应用程序返回Chrome中的set cookie头,authentication,post,cookies,couchdb,angular7,Authentication,Post,Cookies,Couchdb,Angular7,我有一个Angular 7应用程序向couchDb\u会话api发出POST请求以进行身份验证。根据，我应该在响应头中设置cookie头，但没有设置cookie头这是响应的样子： Access-Control-Allow-Credentials: true Access-Control-Allow-Origin: http://localhost:5800 Access-Control-Expose-Headers: content-type, cache-control, accept-ra

我有一个Angular 7应用程序向couchDb\u会话api发出POST请求以进行身份验证。根据，我应该在响应头中设置cookie头，但没有设置cookie头

这是响应的样子：

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://localhost:5800
Access-Control-Expose-Headers: content-type, cache-control, accept-ranges, etag, server, x-couch-request-id, x-couch-update-newrev, x-couchdb-body-time
Cache-Control: must-revalidate
Connection: keep-alive
Content-Length: 46
Content-Type: application/json
Date: Mon, 10 Jun 2019 20:21:53 GMT
Server: nginx/1.10.3 (Ubuntu)

但是如果我通过curl发送相同的请求：

旋度-v-H “内容类型：应用程序/json
“-d'{“名称”：“用户”，“密码”：“密码”}”

这就是我得到的：

< HTTP/1.1 200 OK
< Server: nginx/1.10.3 (Ubuntu)
< Date: Mon, 10 Jun 2019 20:25:54 GMT
< Content-Type: application/json
< Content-Length: 46
< Connection: keep-alive
< Cache-Control: must-revalidate
< Set-Cookie: AuthSession=c2JxMTIzOjVDRkVCQ0QyOvjMZQhdhyUqRjmDjl_Hipiz7hxa; Version=1; Expires=Mon, 10-Jun-2019 20:35:54 GMT; Max-Age=600; Path=/; HttpOnly
<
{ [46 bytes data]
100    87  100    46  100    41     46     41  0:00:01 --:--:--  0:00:01   154{"ok":true,"name":"username","roles":["sales"]}

如何找到解决方案？

使用

Basic Authorization

标题和

with credentials:true

应该可以

let httpHeaders = new HttpHeaders();
httpHeaders = httpHeaders.set('Accept', 'application/json');
httpHeaders = httpHeaders.set('Content-type', 'application/json');
httpHeaders = httpHeaders.set('Authorization', 'Basic ' + btoa(user + ':' + password));
const options = { headers: httpHeaders, withCredentials: true };

this._httpService.doAsyncTask(AppConstants.LOGIN_URL, 'POST', data, options);

btoa（）

在base-64中对用户/密码进行编码。

数据

对象不应再次包含凭据。

非常感谢@u尽管它工作起来很有魅力。但是，我还有一个问题，就是浏览器没有为后续请求设置GET_会话api的标题中的cookie，即使在使用withCredentials之后也是如此：true。我会做更多的研究，让你知道。

let httpHeaders = new HttpHeaders();
httpHeaders = httpHeaders.set('Accept', 'application/json');
httpHeaders = httpHeaders.set('Content-type', 'application/json');
httpHeaders = httpHeaders.set('Authorization', 'Basic ' + btoa(user + ':' + password));
const options = { headers: httpHeaders, withCredentials: true };

this._httpService.doAsyncTask(AppConstants.LOGIN_URL, 'POST', data, options);