我不明白某些東西或遺漏了我認爲的東西。 我有一個LoginPage授權用戶(這是Angularjs 1.5) 作爲後端我有斯卡拉/播放的是驗證用戶和pwd應用 所以現在我的問題是,在登錄服務都得到精細Angularjs在標題中沒有標記
var token = $cookies["XSRF-TOKEN"];
if (token) {
$http.get('http://localhost:9000/ping')
.then(
function (response) {
return $http.get("http://localhost:9000/users/" + response.data.userId)
}, function (response) {
token = undefined;
$cookies["XSRF-TOKEN"] = undefined;
return $q.reject("Token invalid");
}
).then(
function (response) {
console.log(response.data);
}, function (response) {
console.log("error");
}
);
}
$http.post('http://localhost:9000/login', user)
.then(function (response) {
token = response.data.authToken;
console.log(token);
var userId = response.data.userId;
return $http.get('http://localhost:9000/users/' + userId)
}, function (response) {
console.log(response.data.err);
// return 'empty' promise so the right `then` function is called
return $q.reject("Login failed");
}).then(
function (response) {
console.log(response);
}
)
}
罰款但在接下來的情況下,我發送一個GET請求到API,並且想要檢查XSRF Cookie,但沒有cookie被髮送。
這裏是安全特質在斯卡拉 -
def HasToken[A](p: BodyParser[A] = parse.anyContent)(f: String => Long => Request[A] => Result): Action[A] =
Action(p) { implicit request =>
val maybeToken = request.headers.get(AuthTokenHeader).orElse(request.getQueryString(AuthTokenUrlKey))
maybeToken flatMap { token =>
cache.get[Long](token) map { userid =>
f(token)(userid)(request)
}
} getOrElse Unauthorized(Json.obj("err" -> "No Token"))
}
所以現在我的問題是 - 哪裏是頭令牌?
更新: 這裏是我的app.js
'use strict';
function testInterceptor($rootScope, $q, $timeout) {
return function(promise) {
return promise.then(
function(response) {
return response;
},
function(response) {
if (response.status == 401) {
$rootScope.$broadcast("InvalidToken");
$rootScope.sessionExpired = true;
$timeout(function() {$rootScope.sessionExpired = false;}, 5000);
} else if (response.status == 403) {
$rootScope.$broadcast("InsufficientPrivileges");
} else {
// Here you could handle other status codes, e.g. retry a 404
}
return $q.reject(response);
}
);
};
}
var app=angular.module('telephone', ['ngRoute', 'ngCookies']);
app.factory('testInterceptor', testInterceptor);
app.config(["$httpProvider", "$routeProvider",function ($httpProvider, $routeProvider) {
$httpProvider.interceptors.push('testInterceptor');
$routeProvider.when('/login', {templateUrl: '../partials/login.html', controller: 'loginController'});
$routeProvider.otherwise({redirectTo: '/login'});
}]);
是您的角度應用在localhost域上運行,或者如何在瀏覽器中訪問它?由於它們必須匹配,所以otherwiser angular/javascript將不會看到一個cookie, – Zyga
都在本地主機上運行(angularjs localhost:8000,scala Backend localhost:9000) – tbere