授权持票人令牌Angular 5
Val*_*Rob 19 authorization header bearer-token angular
我对如何在Angular 5中为简单的Get请求创建一个好标头感到困惑.
这是我在Angular中需要做的事情:
这是我到目前为止:
getUserList(): Observable<UserList[]> {
const headers = new Headers();
let tokenParse = JSON.parse(this.token)
headers.append('Authorization', `Bearer ${tokenParse}`);
const opts = new RequestOptions({ headers: headers });
console.log(JSON.stringify(opts));
const users = this.http.get<UserList[]>(this.mainUrl, opts)
return users
.catch(this.handleError.handleError);
}
这是我的console.log中的响应:
{"method":null,"headers":{"Authorization":["Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImp0aSI6ImYwODZlM2FiYTk0ZjVhMjVmNDhiNzlkYmI2YWUwOWY4YzE2MTUyMzg2N2I5MDZiY2MzNWQyNWJiYTZmYTE4YjEwZjA1MjZiNThkZjE2Y2FjIn0.eyJhdWQiOiJmMDExY2M1OC00MGNlLTQzYTktOGY3MS04NDI0OTRlM2E5OTciLCJqdGkiOiJmMDg2ZTNhYmE5NGY1YTI1ZjQ4Yjc5ZGJiNmFlMDlmOGMxNjE1MjM4NjdiOTA2YmNjMzVkMjViYmE2ZmExOGIxMGYwNTI2YjU4ZGYxNmNhYyIsImlhdCI6MTUyMzU1MTQ0NSwibmJmIjoxNTIzNTUxNDQ1LCJleHAiOjE1MjM1NTQ0NDUsInN1YiI6IjIiLCJzY29wZXMiOlsiYXV0aGVudGljYXRlZCIsImFuZ3VkcnUiXX0.E-WdQTl7nPDW0gj0rohfql-QgnAinzvDxPR-pySMrG07XFY9tA6Ex7IL23pDBmKDmQO8RcZKa0L5r6SRQq9_iqzMWzn5Zxp94J9TJrpZ2KGMoLR_FbK_tpC5G5q5vUnCe3q34sH7cPdT_2cI704OWWaYmIUKKpXWUIG0PJw_uKSJ_uOifPv59RZGQkoaQ9gPywDKe-uamm1Faug-Kk2YnFMoEJq7ou19zyxgdpX80ZTPUae67uB0PGLRuvxfGaqVsJ8k0NunAY3-pyUnBwR_3eeuOxf4TyfW2aiOJ9kuPgsfV4Z1JD7nMpNtTHMJaXEyNkBW8RlYHD1pj4dkdnsDmw"]},"body":null,"url":null,"withCredentials":null,"responseType":null}
它看起来很漂亮.但是给了我这个错误
GET http://druang.dd:8080/user-list?_format = json 403(Forbidden)
还有另一条线索可以解决这个谜团.在Sublime文本中,如果我把鼠标放在opts它上面,请说:
错误在src/app/services/userlist.service.ts(33,59)中:错误TS2345:类型'RequestOptions'的参数不能分配给类型'{headers?:HttpHeaders | {[header:string]:string | 串[]; }; 观察?:"身体"; params?:Ht ......'.属性"标题"的类型不兼容.类型'标题'不能分配给'HttpHeaders |类型 {[header:string]:string | 串[]; }".类型'标题'不能分配给'{[header:string]:string | 串[]; }"."标题"类型中缺少索引签名.
任何的想法??以下是完整的Git repo 谢谢你的帮助!
小智 19
我建议你使用HTTPInteceptor来处理添加令牌.这是一篇很棒的文章:https://www.illucit.com/angular/en-angular-5-httpinterceptor-add-bearer-token-to-httpclient-requests/
-----另一种解决问题的方法.-----
__CODE__
__CODE__
并且不要忘记在您的组件中调用和订阅.
- 只需添加,令牌应以'Bearer'开头,因此在您的示例中为'Authorization':`Bearer $ {auth_token}`。 (3认同)
- 我需要使用 HttpHeaders 而不是 Headers,但之后一切都正常了。 (2认同)
Has*_*man 18
对于get请求,我使用了以下代码并且它有效
import { HttpClient, HttpHeaders } from '@angular/common/http';
getServerList(){
var reqHeader = new HttpHeaders({
'Content-Type': 'application/json',
'Authorization': 'Bearer ' + JSON.parse(localStorage.getItem('mpManagerToken'))
});
return this.http.get<Server[]>(`${environment.apiUrl}/api/Servers/GetServerList`, { headers: reqHeader });
}
在 Angular 6 和 7 中,此方法可用于拦截所有 HTTP 请求并添加承载令牌。
实现教程可在此处获得。Youtube,这个频道有所有的教程。
拦截器组件
import {
HttpInterceptor,
HttpRequest,
HttpHandler,
HttpUserEvent,
HttpEvent
} from '@angular/common/http';
import { Observable } from 'rxjs';
import { UserService } from '../shared/user.service';
import { tap } from 'rxjs/operators';
import { Injectable } from '@angular/core';
import { Router } from '@angular/router';
@Injectable()
export class AuthInterceptor implements HttpInterceptor {
constructor(private router: Router) {}
intercept(
req: HttpRequest<any>,
next: HttpHandler
): Observable<HttpEvent<any>> {
if (req.headers.get('No-Auth') === 'True') {
return next.handle(req.clone());
}
if (localStorage.getItem('userToken') != null) {
const clonedreq = req.clone({
headers: req.headers.set(
'Authorization',
'Bearer ' + localStorage.getItem('userToken')
)
});
return next.handle(clonedreq).pipe(
tap(
succ => {},
err => {
if (err.status === 401) {
// this.router.navigateByUrl('/login');
} else if ((err.status = 403)) {
// this.router.navigateByUrl('/forbidden');
// alert(err.localStorage.getItem('userToken'));
}
}
)
);
} else {
this.router.navigateByUrl('/login');
}
}
}
防护组件
import { Injectable } from '@angular/core';
import {
CanActivate,
ActivatedRouteSnapshot,
RouterStateSnapshot,
Router
} from '@angular/router';
import { Observable } from 'rxjs';
import { UserService } from '../shared/user.service';
import { ToastrService } from 'ngx-toastr';
@Injectable()
export class AuthGuard implements CanActivate {
constructor(
private router: Router,
private userService: UserService,
private toastr: ToastrService
) {}
canActivate(
next: ActivatedRouteSnapshot,
state: RouterStateSnapshot
): boolean {
if (localStorage.getItem('userToken') != null) {
const roles = next.data['roles'] as Array<string>;
if (roles) {
const match = this.userService.roleMatch(roles);
if (match) {
return true;
} else {
// tslint:disable-next-line: quotemark
this.toastr.info("You don't have access to this page");
this.router.navigate(['/login']);
// this.router.navigate(['/forbidden']);
return false;
}
} else {
return true;
}
}
this.router.navigate(['/login']);
return false;
}
}
将其添加到 app.modules.ts
providers: [
ConfirmationDialogService,
UserService,
DoctorService,
{ provide: OwlDateTimeIntl, useClass: DefaultIntl },
{ provide: OWL_DATE_TIME_FORMATS, useValue: MY_MOMENT_FORMATS },
AuthGuard,
{
provide: HTTP_INTERCEPTORS,
useClass: AuthInterceptor,
multi: true
}
],
然后将守卫添加到路由
{
path: 'adminPanel',
component: AdminPanelComponent,
canActivate: [AuthGuard],
data: { roles: ['Admin'] }
},
两件事情:
headers.append(...)不会更改标头对象,因此不会发送您的授权标头。你需要做headers = headers.append(...)尝试
this.http.get<UserList[]>(this.mainUrl, { headers: headers });
| 归档时间: |
|
| 查看次数: |
36223 次 |
| 最近记录: |