堆栈内存溢出
  简体   繁体   English

如何处理授权令牌

[英]How to handle authorization token

 原文  2016-02-18 13:34:27       javascript/ cyclejs

问题描述

I would like to add auth token to http request header every time a http request sent and if authorization fails, I want to redirect user to the login. 我希望每次发送http请求时都将auth令牌添加到http请求标头,如果授权失败,我想将用户重定向到登录。 Should I decorate Http Driver or is there a better way to do it? 我应该装饰Http Driver还是有更好的方法来做到这一点?

I came with a solution that decorates http driver. 我带来了装饰http驱动程序的解决方案。 But I'm not sure this is the correct way of doing it. 但我不确定这是否正确。 Here's the code so far I have written: 这是我写的代码到目前为止: 

 import Rx from 'rx'; import {makeHTTPDriver} from '@cycle/http'; function makeSecureHTTPDriver({eager = false} = {eager: false}) { return function secureHTTPDriver(request$) { const httpDriver = makeHTTPDriver(eager); const securedRequest$ = request$ .map(request => { const token = localStorage.getItem('token'); if (token) { request.headers = request.headers || {}; request.headers['X-AUTH-TOKEN'] = token; } return request; }); const response$ = httpDriver(securedRequest$); //todo: check response and if it fails, redirect to the login page return response$; } } export default makeSecureHTTPDriver;

Here is the code how I use makeSecureHttpDriver 这是我使用makeSecureHttpDriver的代码 

 const drivers = { DOM: makeDOMDriver('#app'), HTTP: makeSecureHttpDriver() };

2 个解决方案

解决方案1
 2  2016-03-28 23:19:55

This is a little late, I don't frequent SO very much. 这有点晚了,我不经常这么做。 I'd suggest using other drivers instead to avoid placing any logic in your drivers. 我建议使用其他驱动程序,以避免在驱动程序中放置任何逻辑。 

import storageDriver from '@cycle/storage'
import {makeHTTPDriver} from '@cycle/http'

function main(sources) {
 const {storage, HTTP} = sources
 const token$ = storage.local.getItem('token')
  .startWith(null)

 const request$ = createRequest$(sources)

 const secureRequest$ = request$.withLatestFrom(token$, 
   (request, token) => token ? 
     Object.assign(request, {headers: {'X-AUTH-HEADER' : token }) : 
     request
 )
 return {HTTP: secureRequest$, ...}
}

Cycle.run(main, {
 ...
 storage: storageDriver,
 HTTP: makeHTTPDriver()
})

解决方案2
 1  2016-02-20 13:01:28

I'm not sure if this will help but HTTP driver is superagent under the hood so you can pass it an object like with required info like here . 我不确定这是否会有所帮助,但HTTP驱动程序在引擎盖下是超级的,所以你可以传递一个类似于此处所需信息的对象。

But in regards to your issue I think that the HTTP driver might need this option added to the driver it self so you can dictate if the driver should be secure or not eg: 但是关于你的问题,我认为HTTP driver可能需要将此选项添加到驱动程序中,因此您可以指示驱动程序是否应该是安全的,例如: 

const drivers = {
    DOM: makeDOMDriver('#app'),
    HTTP: makeSecureHttpDriver({secure:true})
};

Because your implementation looks ok to me, it might be worth having it in the driver itself. 因为您的实现对我来说没什么问题,所以在驱动程序本身中使用它可能是值得的。 I'd create an issue in the HTTP driver repo and see what the community think, you can also ask people to interact via the gitter channel :-) 我在HTTP驱动程序repo中创建了一个问题,看看社区的想法,你也可以让人们通过gitter频道进行交互:-)

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 如何使用Angular处理需要授权令牌的下载链接? - How do you handle download link that requires Authorization token using Angular? 如何在 url 中添加授权令牌 - How to add authorization token in a url 如何使用授权码获取访问令牌? - How to get access token using authorization code? Braintree - 如何刷新 javascript 授权令牌? - Braintree - how to refresh javascript authorization token? 如何在 axios 中配置 Authorization bearer token? - How to configure Authorization bearer token in axios? 在授权标头中设置令牌 - set token in authorization header 使用PassportJS进行令牌认证/授权 - Token Authentication/Authorization With PassportJS 如何在 node.js 中使用 axios 设置授权令牌 - How to set Authorization token with axios in node.js 我如何通过 ApiSauce 传递不记名授权令牌 - How do i pass a bearer authorization token with ApiSauce 如何在 javascript 中使用 POST 方法和授权承载令牌获取 API? - How to fetch API with POST method and Authorization Bearer token in javascript?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM