【发布时间】:2020-03-09 02:13:57
【问题描述】:
我正在使用 get api 调用来使用 http 从 json doc 中获取数据。但是我只启用了对令牌持有者的授权。当我调用 get 请求时,我想在标题中的 Authorization 中传递令牌的值(我可以通过 localStorage.getItem("token"); 获得)。
API.SERVICE.TS
import { Injectable } from '@angular/core';
import { Http, Headers, RequestOptions } from '@angular/http';
import { Observable } from 'rxjs';
import { HttpClientModule } from '@angular/common/http';
import { HttpClient, HttpRequest, HttpEventType, HttpHeaders, HttpParams, HttpEvent, HttpErrorResponse, HttpResponse } from '@angular/common/http';
import 'rxjs/add/operator/map';
@Injectable({
providedIn: 'root'
})
export class ApiService {
constructor(private http: Http) { }
getTransferIp(){
return this.http.get('http://localhost:3003/transferip').map(res => res.json() );
}
}
目前,只有当我在节点服务器获取路由器中关闭身份验证时,我才允许获取数据... 但我不想这样做,也不想使用拦截器
正在下面附加节点服务器文件...
AUTH.JS
const jwt = require('jsonwebtoken')
const User = require('../models/user')
const auth = async (req, res, next) => {
try {
const token = req.header('Authorization').replace('Bearer ', '')
const decoded = jwt.verify(token, 'mango@123')
const user = await User.findOne({ _id: decoded._id, 'tokens.token': token })
if (!user) {
throw new Error()
}
req.token = token
req.user = user
next()
} catch (e) {
res.status(401).send({ error: 'Please authenticate.' })
}
}
module.exports = auth
TRANSFERIP.JS(路由器)
const express = require('express')
const TransferIp = require('../models/transferip')
const auth = require('../middleware/auth')
const router = new express.Router()
router.post('/transferip', auth, async (req, res) => {
const task = new TransferIp({
...req.body,
owner: req.user._id
})
try {
await task.save()
res.status(201).send(task)
} catch (e) {
res.status(400).send(e)
}
})
router.get('/transferip', auth, function(req, res, next) {
TransferIp.find(function (err, events) {
if (err) return next(err);
res.json(events);
});
});
module.exports = router
【问题讨论】:
-
你可以使用拦截器。 medium.com/@ryanchenkie_40935/…