EmberJS simple-auth, Devise authorizer not sending the token header

xrl*_*xrl 1 ruby-on-rails devise ember.js ember-cli ember-simple-auth

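I can't figure out how to get ember-simple-auth, using the ember-simple-auth-devise authorizer (version 0.7.2), to attach the token header to my backend requests.

This is what my config/environment.js looks like: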

  var ENV = {
    modulePrefix: 'frontend-app',
    environment: environment,
    baseURL: '/',
    locationType: 'auto',
    EmberENV: {
      FEATURES: {}
    },

    APP: {},

    'simple-auth': {
      authenticationRoute: 'sign-in',
      authorizer: 'simple-auth-authorizer:devise'
    }
  };

  if (environment === 'development') {
    // ENV.APP.LOG_RESOLVER = true;
    // ENV.APP.LOG_ACTIVE_GENERATION = true;
    ENV.APP.LOG_TRANSITIONS = true;
    // ENV.APP.LOG_TRANSITIONS_INTERNAL = true;
    // ENV.APP.LOG_VIEW_LOOKUPS = true;

    ENV.contentSecurityPolicy = {
      'font-src': "'self' http://fonts.gstatic.com",
      'style-src': "'self' 'unsafe-inline' http://fonts.googleapis.com",
      'connect-src': "'self' http://localhost:3000",
    };

    ENV['simple-auth-devise'] = {
      serverTokenEndpoint: "//localhost:3000/users/sign_in"
    };

    ENV.apiHost = "http://localhost:3000";
  }

I was able to get authentication working, and I get a session object in my application. Here are the headers from a successful exchange with the session endpoint:

POST /users/sign_in HTTP/1.1
Host: localhost:3000
Connection: keep-alive
Content-Length: 63
Accept: application/json, text/javascript
Origin: http://localhost:4200
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.89 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Referer: http://localhost:4200/sign-in
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.8

The server responds with this session object:

{"user_token":"eo2xxzYsQ6UifMKvoLMF","user_id":3,"user_email":"snip@snip.com","user_first_name":"Xavier","user_last_name":"Lange"}

But none of the subsequent requests have the header set:

GET /api/reports?user_id=3 HTTP/1.1
Host: localhost:3000
Connection: keep-alive
Cache-Control: max-age=0
Accept: application/json, text/javascript, */*; q=0.01
Origin: http://localhost:4200
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.89 Safari/537.36
Referer: http://localhost:4200/reports
Accept-Encoding: gzip, deflate, sdch
Accept-Language: en-US,en;q=0.8
If-None-Match: W/"8e1b98de900ac194a0bc3ef6e9dc7459"

Where I would expect

Authorization: Token token="<token>", email="<email>"

in the headers sent to the backend. But it isn't happening.

xrl*_*xrl 5

I solved this by checking crossOriginWhitelist in development:

  if (environment === 'development') {
    // ENV.APP.LOG_RESOLVER = true;
    // ENV.APP.LOG_ACTIVE_GENERATION = true;
    ENV.APP.LOG_TRANSITIONS = true;
    // ENV.APP.LOG_TRANSITIONS_INTERNAL = true;
    // ENV.APP.LOG_VIEW_LOOKUPS = true;

    ENV.contentSecurityPolicy = {
      'font-src': "'self' http://fonts.gstatic.com",
      'style-src': "'self' 'unsafe-inline' http://fonts.googleapis.com",
      'connect-src': "'self' http://localhost:3000",
    };

    ENV['simple-auth']['crossOriginWhitelist'] = ['http://localhost:3000'];
    ENV['simple-auth-devise']['serverTokenEndpoint'] = "//localhost:3000/users/sign_in"

    ENV.apiHost = "http://localhost:3000";
  }

Then I had to change simple-auth-devise to use email as the identification attribute (Rails was having a hard time parsing the Authorization header in authenticate_with_http_token):

  var ENV = {
    modulePrefix: 'my-app',
    environment: environment,
    baseURL: '/',
    locationType: 'auto',
    EmberENV: {
      FEATURES: {
        // Here you can enable experimental features on an ember canary build
        // e.g. 'with-controller': true
      }
    },

    APP: {
      // Here you can pass flags/options to your application instance
      // when it is created
    },

    'simple-auth': {
      authenticationRoute: 'sign-in',
      authorizer: 'simple-auth-authorizer:devise'
    },

    'simple-auth-devise': {
      identificationAttributeName: 'email'
    }
  };

My session serializer had to stay in sync with that attribute name:

class SessionsController < Devise::SessionsController
  skip_before_action :authenticate_user_from_token!, only: [:create]

  def create
    respond_to do |format|
      format.json do
        self.resource = warden.authenticate!(auth_options)
        sign_in(resource_name, resource)
        data = {
          token: self.resource.authentication_token,
          user_id: self.resource.id,
          email: self.resource.email,
          user_first_name: self.resource.first_name,
          user_last_name: self.resource.last_name
        }
        render json: data, status: 201
      end
    end
  end
end
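
The behaviour the fix above relies on, as an added sketch (not code from the original answer and not ember-simple-auth's own source): an authorizer attaches the token only to same-origin requests or to origins listed in `crossOriginWhitelist`, so the token is never sent to third-party hosts. The function names, the sample session and the assumption that the token is stored under `token` are constructed for illustration.

```javascript
// Added illustration, not ember-simple-auth source code.
// Resolve any URL (absolute, relative or protocol-relative) to its origin.
function originOf(url, pageUrl) {
  return new URL(url, pageUrl).origin;
}

// Same-origin requests are always authorized; cross-origin ones only when
// their origin appears in crossOriginWhitelist.
function shouldAuthorize(requestUrl, pageUrl, whitelist) {
  const target = originOf(requestUrl, pageUrl);
  if (target === originOf(pageUrl, pageUrl)) return true;
  return whitelist.some((entry) => originOf(entry, pageUrl) === target);
}

// Build the header in the shape shown in the question:
//   Token token="<token>", email="<email>"
// Assumption: the session stores the token under `token` and the identity
// under config.identificationAttributeName, as in the answer's controller.
function headersFor(requestUrl, pageUrl, config, session) {
  const idAttr = config.identificationAttributeName;
  const token = session.token;
  const identity = session[idAttr];
  if (!token || !identity) return {};            // not signed in
  if (!shouldAuthorize(requestUrl, pageUrl, config.crossOriginWhitelist)) {
    return {};                                   // never leak the token
  }
  return { Authorization: `Token token="${token}", ${idAttr}="${identity}"` };
}

// Constructed sample data mirroring the page's development setup.
const PAGE = 'http://localhost:4200/reports';
const API = 'http://localhost:3000/api/reports?user_id=3';
const SESSION = { token: 'constructed-token-123', email: 'user@example.test' };
const BEFORE = { crossOriginWhitelist: [], identificationAttributeName: 'email' };
const AFTER = {
  crossOriginWhitelist: ['http://localhost:3000'],
  identificationAttributeName: 'email',
};

console.log(headersFor(API, PAGE, BEFORE, SESSION));   // question's symptom
console.log(headersFor(API, PAGE, AFTER, SESSION));    // after the fix
console.log(headersFor('http://fonts.googleapis.com/css', PAGE, AFTER, SESSION));
console.log(headersFor('/local/thing', PAGE, BEFORE, SESSION)); // same origin
```

Whitelist entries are compared as full origins, so `https://localhost:3000` or a different port would not match `http://localhost:3000`.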