Warning: file_get_contents(/data/phpspider/zhask/data//catemap/2/ruby-on-rails/53.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Javascript ng令牌身份验证未持久化_Javascript_Ruby On Rails_Angularjs_Authentication_Devise - Fatal编程技术网
Fatal编程技术网
  • javascript/
  • Javascript ng令牌身份验证未持久化

Javascript ng令牌身份验证未持久化

javascript ruby-on-rails angularjs authentication

Javascript ng令牌身份验证未持久化,javascript,ruby-on-rails,angularjs,authentication,devise,Javascript,Ruby On Rails,Angularjs,Authentication,Devise,目前,我有一个非常简单的应用程序,它使用ngtokenauth和rails的设计tokenauth。它运行良好,$auth方法运行良好(例如,登录)。但是,在页面刷新时,访问令牌不会持久存在,也不会使用ipCookie写入cookie My rails应用程序正在转发正确的标题,如下所示: Access-Control-Allow-Credentials:true Access-Control-Allow-Methods:GET, POST, DELETE, PUT, OPTIONS, HEAD

目前,我有一个非常简单的应用程序,它使用
ngtokenauth
和rails的
设计tokenauth
。它运行良好,$auth方法运行良好(例如,登录)。但是,在页面刷新时,
访问令牌
不会持久存在,也不会使用ipCookie写入cookie

My rails应用程序正在转发正确的标题,如下所示:

Access-Control-Allow-Credentials:true
Access-Control-Allow-Methods:GET, POST, DELETE, PUT, OPTIONS, HEAD
Access-Control-Allow-Origin:http://localhost
Access-Control-Expose-Headers:
Access-Control-Max-Age:0
access-token:XXXXXXXXXXXXXX
Cache-Control:max-age=0, private, must-revalidate
client:nYMXLxnuO7BIGZkdXkZ_Xg
Connection:Keep-Alive
Content-Type:application/json; charset=utf-8
Date:Sat, 09 May 2015 21:41:56 GMT
ETag:"c16291f5079691a2528d5a7876627ede"
expiry:1431294116
Keep-Alive:timeout=5, max=99
Server:Apache/2.4.10 (Unix) PHP/5.5.20
token-type:Bearer
Transfer-Encoding:chunked
uid:tester53@mailinator.com
Vary:Origin
X-Content-Type-Options:nosniff
X-Frame-Options:SAMEORIGIN
X-Request-Id:2b224904-944c-48f7-aa4e-d0407e26e893
X-Runtime:0.230242
X-XSS-Protection:1; mode=block
但是当它通过
ng-token-auth
updateHeadersFromResponse
方法运行时,头返回null——特别是在ng-token-auth.js的第588行中

updateHeadersFromResponse = function($auth, resp) {
  var key, newHeaders, val, _ref;
  newHeaders = {};
  _ref = $auth.getConfig().tokenFormat;
  for (key in _ref) {
    val = _ref[key];
    if (resp.headers(key)) {
      newHeaders[key] = resp.headers(key);
    }
  }
  if (tokenIsCurrent($auth, newHeaders)) {
    return $auth.setAuthHeaders(newHeaders);
  }
};
有人遇到过这种情况吗?为什么标题不能传递给这个
$httpProvider
方法?

我在这篇文章中找到了答案

我使用的是多域设置,因此API域需要在CORS配置中有一些额外的公开头。因此,在rails cors gem中,我为访问令牌添加了一个额外的公开值:

config.middleware.insert_before 0, "Rack::Cors" do
  allow do
    origins 'api.com'

    resource '*',
      :headers => :any,
      :methods => [:get, :post, :delete, :put, :options, :head],
      :expose  => ['access-token', 'expiry', 'token-type', 'uid', 'client'],
      :max_age => 0
  end
end
更新:显示angular所需的所有字段,而不仅仅是使其工作的字段。

是!!我在网上搜索了好几天,终于找到了。两个词:救生圈!非常感谢,节省了我大量的调试和工作,就像重新加载时的魅力!