Ember.js 余烬简单身份验证令牌赢得';t白名单API服务器
我一直在绞尽脑汁想弄清楚我错过了什么;我正在使用Ember.js 余烬简单身份验证令牌赢得';t白名单API服务器,ember.js,ember-simple-auth,Ember.js,Ember Simple Auth,我一直在绞尽脑汁想弄清楚我错过了什么;我正在使用simple auth和simple auth token库(通过ember cli 0.2.3),似乎无法让我的应用程序设置适当的提示:HTTP头。据我所知,最常见的疏忽是人们没有在simple authENV变量上设置crossOriginWhitelist:属性。但是,即使值为['*'],我似乎也无法让余烬发送包含API请求的标题。请注意,我正在替换以前的手动(尽管是半生不熟的!)身份验证解决方案,因此我知道我的API服务器可以正常工作,并将
simple auth
和simple auth token
库(通过ember cli 0.2.3
),似乎无法让我的应用程序设置适当的提示:
HTTP头。据我所知,最常见的疏忽是人们没有在simple auth
ENV变量上设置crossOriginWhitelist:
属性。但是,即使值为['*']
,我似乎也无法让余烬发送包含API请求的标题。请注意,我正在替换以前的手动(尽管是半生不熟的!)身份验证解决方案,因此我知道我的API服务器可以正常工作,并将在提供正确凭据的情况下进行身份验证
当我运行登录
操作时,一切工作都完美无缺。如果在那之后我击中了一条受保护的余烬路线,它也可以正常工作。当Ember data
试图点击我的API(在http://localhost:3000
);它返回一个401
(因为它没有设置授权:
标题)并转换到我的站点索引
以下是代码的相关部分:
config/environments.js
...
ENV['simple-auth'] = {
authenticationRoute: 'login',
authorizer: 'simple-auth-authorizer:token',
crossOriginWhitelist: ['*']
};
ENV['simple-auth-token'] = {
identificationField: 'email',
passwordField: 'password',
tokenPropertyName: 'token',
authorizationPrefix: 'Bearer ',
authorizationHeaderName: 'Authorization'
};
...
import Ember from 'ember';
export default Ember.Route.extend({
actions: {
login: function(){
var creds = this.controller.getProperties('identification', 'password');
this.get('session').authenticate('simple-auth-authenticator:jwt', creds)
.then(function() {
// +
}, function() {
// -
});
}
}
});
import Ember from 'ember';
import ApplicationRouteMixin from 'simple-auth/mixins/application-route-mixin';
export default Ember.Route.extend(ApplicationRouteMixin);
路由/login.js
...
ENV['simple-auth'] = {
authenticationRoute: 'login',
authorizer: 'simple-auth-authorizer:token',
crossOriginWhitelist: ['*']
};
ENV['simple-auth-token'] = {
identificationField: 'email',
passwordField: 'password',
tokenPropertyName: 'token',
authorizationPrefix: 'Bearer ',
authorizationHeaderName: 'Authorization'
};
...
import Ember from 'ember';
export default Ember.Route.extend({
actions: {
login: function(){
var creds = this.controller.getProperties('identification', 'password');
this.get('session').authenticate('simple-auth-authenticator:jwt', creds)
.then(function() {
// +
}, function() {
// -
});
}
}
});
import Ember from 'ember';
import ApplicationRouteMixin from 'simple-auth/mixins/application-route-mixin';
export default Ember.Route.extend(ApplicationRouteMixin);
路由/application.js
...
ENV['simple-auth'] = {
authenticationRoute: 'login',
authorizer: 'simple-auth-authorizer:token',
crossOriginWhitelist: ['*']
};
ENV['simple-auth-token'] = {
identificationField: 'email',
passwordField: 'password',
tokenPropertyName: 'token',
authorizationPrefix: 'Bearer ',
authorizationHeaderName: 'Authorization'
};
...
import Ember from 'ember';
export default Ember.Route.extend({
actions: {
login: function(){
var creds = this.controller.getProperties('identification', 'password');
this.get('session').authenticate('simple-auth-authenticator:jwt', creds)
.then(function() {
// +
}, function() {
// -
});
}
}
});
import Ember from 'ember';
import ApplicationRouteMixin from 'simple-auth/mixins/application-route-mixin';
export default Ember.Route.extend(ApplicationRouteMixin);
提前感谢。在
config/environment.js
中,尝试添加:
var ENV = {
...
contentSecurityPolicy: {
'default-src': "'none'",
'script-src': "'self'",
'font-src': "'self'",
'connect-src': "'self' *",
'img-src': "'self'",
'style-src': "'self'",
'media-src': "'self'"
}
...
};
不幸的是,没有骰子。可能是因为我的服务器没有以正确的格式发送数据?它似乎很好地将其存储在localstorage中。此外,正如人们所期望的那样,密钥被设置为
token
。