Fatal编程技术网
  • javascript/
  • Javascript 反应授权标头不工作

Javascript 反应授权标头不工作

javascript reactjs

Javascript 反应授权标头不工作,javascript,reactjs,Javascript,Reactjs,我目前在oAuth身份验证中工作,它在rest客户端中运行良好 但在React Js(401)中显示错误。react的代码为: let UserAPI = { login(username, password){ const requestOptions = { method: 'POST', headers: {'Authorization': 'Basic ' + btoa('livechat-api-client:

我目前在oAuth身份验证中工作,它在rest客户端中运行良好

但在React Js(401)中显示错误。react的代码为:

let UserAPI = {

    login(username, password){
        const requestOptions = {
            method: 'POST',
            headers: {'Authorization': 'Basic ' + btoa('livechat-api-client:livechat'), 'Content-Type': 'application/x-www-form-urlencoded; charset=utf-8' },
            body: `username=${username}&password=${password}&grant_type=password`
        };
        return fetch('http://localhost/cronos/oauth/token', requestOptions)
            .then(response => {
                if (!response.ok) {
                    return Promise.reject(response.statusText);
                }
                return response.json();
            })
            .then(user => {
                // login successful if there's a jwt token in the response
                if (user && user["access_token"]) {
                    // store user details and jwt token in local storage to keep user logged in between page refreshes
                    localStorage.setItem('user', JSON.stringify(user));
                }
                return user;
            });
    }
}

export default UserAPI;
谢谢,这一期是关于cors的。我在spring应用程序中添加了cors过滤器,并允许spring security中的选项

添加了新过滤器

 @Component
    @Order(3)
    public class CorsFilter implements Filter {

        public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {
            final HttpServletResponse response = (HttpServletResponse) res;
            response.setHeader("Access-Control-Allow-Origin", "*");
            response.setHeader("Access-Control-Allow-Methods", "POST, PUT, GET, OPTIONS, DELETE");
            response.setHeader("Access-Control-Allow-Headers", "Authorization, Content-Type");
            response.setHeader("Access-Control-Max-Age", "3600");
            if ("OPTIONS".equalsIgnoreCase(((HttpServletRequest) req).getMethod())) {
                response.setStatus(HttpServletResponse.SC_OK);
            } else {
                chain.doFilter(req, res);
            }
        }

        @Override
        public void destroy() {
        }

        @Override
        public void init(FilterConfig config) throws ServletException {
        }
    }
在spring security中,我忽略选项http方法

@Override
    public void configure(WebSecurity web) throws Exception {
        web.ignoring().antMatchers(HttpMethod.OPTIONS, "/oauth/token");
}
您得到的确切错误是什么?我得到的是401错误,我认为授权标头不工作您是否看到访问控制允许原始标头不存在错误中的消息相同的进程在rest客户端中工作正常,但在react 401中发生错误,在服务器端并没有错误,所以我认为反应中有一些错误。我很确定这是cors问题,请检查这个。您的后端使用什么语言