修改代理请求的标题
[英]Modify headers of proxied request
问题描述
I'm IP restricting a pure client-side CORs demo application which interacts with an authenticated third-party API. 
我限制了与经过身份验证的第三方API交互的纯客户端CORs演示应用程序的IP。 I've got a "middleware" server running which I use to proxy requests from the CORs app to the third-party API, but I am having trouble injecting Basic Authentication credentials into those proxied requests. 我正在运行“中间件”服务器,该服务器用于将CORs应用程序的请求代理到第三方API,但是我无法将基本身份验证凭据注入到这些代理请求中。
isAllowed = (req, res, next) -> # Do IP check here.
base64Encode = (unencoded) -> new Buffer(unencoded or '').toString 'base64'
app.all "/demoproxy/*", isAllowed, (req, res) ->
req.url = "/" + req.url.split("/").slice(2).join("/")
userPass = base64Encode "#{process.env.DEMO_USERNAME}:#{process.env.DEMO_PASSWORD}"
# This doesn't work.
# res.setHeader 'Authorization', "Basic #{userPass}"
# This doesn't work either.
###res.oldWriteHead = res.writeHead
res.writeHead = (statusCode, headers) ->
headers = { }
headers['Authorization'] = "Basic #{userPass}"
res.oldWriteHead statusCode, headers###
proxy = new httpProxy.HttpProxy
target:
host: 'remote-api.com'
port: 80
proxy.proxyRequest req, res
What is the proper way to do this? 正确的方法是什么?
2 个解决方案
解决方案1
11 已采纳 2013-06-20 16:49:01
I think you want to set the authorization header on the request (req) object in this case, not the response (res). 我认为您想在这种情况下在请求(req)对象上设置授权标头,而不是在响应(res)上设置。 If remote-api.com is what needs to be authenticated against then it needs to know that with the request you send to it. 如果需要对remote-api.com进行身份验证,则它需要通过发送给它的请求来知道这一点。 Maybe try the following before making the proxy.proxyRequest request 在发出proxy.proxyRequest请求之前,请尝试以下proxy.proxyRequest
req.headers["authorization"] = "Basic #{userPass}"
With the req object there isn't a setHeader function, the headers property is just a javascript object/map. 对于req对象,没有setHeader函数,headers属性只是一个javascript对象/映射。 Hope that helps out... 希望能帮上忙...
解决方案2
0 2013-07-01 10:43:58
Here is some code that works for me, as an example: 这是一些对我有用的代码,例如:
# Demo server requiring basic authentication
servAuth = require("http").createServer (req, res) ->
if auth = req.headers?.authorization
res.statusCode = 200
res.end "Good job, you sent '#{auth}'"
else
res.statusCode = 401
res.end "How about you authenticate first?"
servAuth.listen(8090)
# Proxy server which checks the IP address and then proxies the request
servProxy = require("http-proxy").createServer (req, res, proxy) ->
checkIP req, (err, isOK) ->
# something wrong happened even with the IP address checking
if err
res.statusCode = 500
res.end "Sorry, everything got fargled", "ascii"
# IP address not allowed
else if not isOK
res.statusCode = 403
res.end "You ain't from around here, are you?", "ascii"
# all good, proxy the request with basic auth added
else
userPass = new Buffer("#{process.env.USERNAME}:#{process.env.PASSWORD}", "ascii")
userPass = userPass.toString("base64")
req.headers.authorization = "Basic #{userPass}"
proxy.proxyRequest req, res, {
host: "localhost"
port: 8090
}
servProxy.listen(8080)
# asynchronous IP address checking
checkIP = (req, done) ->
# TODO: implement whatever custom IP checking
# this example just says everything is OK
done( null, true )
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.