1

認証に Web トークンを使用し、REST API にアクセスする必要があります。天気 API にもアクセスしようとしていますが、ヘッダーが x-access-token を送信していて、次のエラーが発生しているためアクセスできません。

要求ヘッダー フィールド x-access-token は、Access-Control-Allow-Headers では許可されていません。

その特定のリクエストに対してヘッダートークンを未定義にリセットするために、次のことを試しました。残念ながら、ブラウザー コンソールで構成オブジェクトを調べると、ユーザーのトークンがまだ残っています。助けてください!

weatherService.js

//Make a request to GET weather by zip code
    weatherFactory.getWeather = function(zip){
      $http.get('http://api.openweathermap.org/data/2.5/forecast/city?id=524901',
                {
                  headers: {'x-access-token': undefined}
                })
        //Resolve our promise with the data requested
        .success(function(data){
          console.log(data);
        })
        //Promise will be rejected
        .error(function(err){
          console.log('Error getting data');
        });
        return $q.reject(zip);
    };//end getWeather

app.js

//./public/app/app.js
angular.module('swellsApp', [
  // 'ngAnimate',
  'appRoutes',
  'userService',
  'weatherService',
  'mainCtrl',
  'userCtrl',
  'weatherCtrl'
])
  //application configuration to integrate tokens into our requests
  .config(function($httpProvider){
    //attach auth interceptor to the http requests
    $httpProvider.interceptors.push('AuthInterceptor');
  });

authService.js

// authService.js

angular.module('authService', [])
  // ============================================
  //auth factory to login and get information
  //inject $http for communicating with the API
  //inject $q to return promise objects
  //inject AuthToken to manage tokens
  // ============================================

  .factory('Auth', function($http, $q, AuthToken){
    //create auth factory object
    var authFactory = {};

    // handle login for users
    // Post request to /api/authenticate
    authFactory.login = function(username, password){
      //return the promise object and its data
      return $http.post('/api/authenticate', {
        username: username,
        password: password
      })
        .success(function(data){
          AuthToken.setToken(data.token);
          return data;
        });
    };

    //log a user out by clearing the token useing AuthToken factory
    authFactory.logout = function(){
      //clear the token
      AuthToken.setToken();
    };

    //check if a user is logged in and check if there is a local token
    authFactory.isLoggedIn = function(){
      if(AuthToken.getToken())
        return true;
      else
        return false;
    };

    //get the logged in user
    authFactory.getUser = function(){
      if(AuthToken.getToken())
        return $http.get('/api/me');
      else
        return $q.reject({message: "User doesn't have a token"});
    };

    //return auth factory object
    return authFactory;
  })//End Auth

  // ============================================
  // factory for handling tokens
  // inject $window to store token on the client-side
  // ============================================

  .factory('AuthToken', function($window){
    var authTokenFactory = {};

    //get the token out of local storage
    authTokenFactory.getToken = function(){
      return $window.localStorage.getItem('token');
    };

    //set the token or clear the token
    //if token is passed, set token - if there is no token, clear it from local storage
    authTokenFactory.setToken = function(token){
      if(token)
        $window.localStorage.setItem('token', token);
      else
        $window.localStorage.removeItem('token');
    };

    //return auth token factory
    return authTokenFactory;
  })//End AuthToken

  // ============================================
  // application configuration to integrate token into requests
  // ============================================

  .factory('AuthInterceptor', function($q, $location, AuthToken){
    var interceptorFactory = {};

    //attach the token to all HTTP requests
    interceptorFactory.request = function(config){
      //grab the token
      var token = AuthToken.getToken();

      //If token exists then add it to the header as x-access-token
      if(token)
        config.headers['x-access-token'] = token;
        console.log(config);
      return config;
    };

    //On response errors

    interceptorFactory.responseError = function(response){
      //If server returns a 403 forbidden response
      if(response.status == 403)
        $location.path('/login');

      //return the errors from the server as a promise
      return $q.reject(response);
    }

    //return interceptorFactory
    return interceptorFactory;
  });//End AuthInterceptor
4

2 に答える 2

0

"x-access-token" の代わりにトークンを送信する場合は、headers.Authorization = "Bearer " + token; を試してください。

于 2015-09-26T23:19:32.660 に答える