从发布请求(服务器端)重定向到新页面
[英]Redirect to new page from post request (server side)
问题描述
I have an express graphql endpoint reachable by POST at ${host}/api/graphql . 
我在${host}/api/graphql有一个可通过POST到达的快速graphql端点。
On that the route I have authentication middleware and want to redirect to the login page if the user is not logged in. 在那条路由上,我具有身份验证中间件,并且如果用户未登录,则希望重定向到登录页面。
Looks a little like this. 看起来有点像这样。
const authCheck = (req, res, next) => {
const referringUrl = req.get('referer');
try {
const token = req.cookies.Auth;
jwt.verify(token, process.env.AUTH_PRIVATE_KEY);
next();
} catch(err) {
res.redirect(302, `/login?redirect=${referringUrl}`);
}
}
At first I had it as a response status code 307 and it worked fine on GET requests. 最初,我将其作为响应状态代码307,它在GET请求上工作正常。 The browser changes the page to the referringUrl as expected. 浏览器按预期将页面更改为referringUrl 。
But for Post requests, using a status 307 caused the browser redirect to use the post method. 但是对于发布请求,使用状态307会导致浏览器重定向使用发布方法。 Fine, so I switched to 302. Now it sends a get request but doesn't actually change the url in the browser. 很好,所以我切换到302。现在它发送了一个get请求,但实际上并未更改浏览器中的url。
How do I accomplish this functionality from the server side? 如何从服务器端完成此功能?
Thanks in advance. 提前致谢。
2 个解决方案
解决方案1
1 2019-08-27 09:42:20
The redirect After-Post code is generally 303 (See other), this should avoid the reuse of POST method that you had with 307 . 重定向的Post-Post代码通常是303 (请参见其他),这应避免重用307所使用的POST方法。
The strange thing is that a 303 is almost the same thing as a 302, and a browser receiving such redirection should follow it and alter the browser location. 奇怪的是303与302几乎是同一件事,并且接受这种重定向的浏览器应遵循它并更改浏览器位置。 So your current code should already work. 因此,您当前的代码应该已经可以使用了。
You said Now it sends a get request but doesn't actually change the url in the browser so I think you are maybe talking about an Ajax call? 您说过, Now it sends a get request but doesn't actually change the url in the browser所以我认为您可能正在谈论Ajax调用? If the POST is made via an XhmlHttpRequest then your problem is not only about the serverside. 如果通过XhmlHttpRequest进行POST,那么您的问题不仅在于服务器端。 It's about handling redirections in Ajax calls. 这是关于处理Ajax调用中的重定向。 And then you have several paths that you can follow. 然后,您可以遵循几个路径。 You can search for 'redirections' and 'ajax' on stack overflow and find some advices. 您可以在堆栈溢出时搜索“重定向”和“ ajax”并找到一些建议。 For example you can build your own application level protocol and not sending an HTTP redirect but an application redirect in a json response, and have the js client understanding it and altering the location, or some other stuff. 例如,您可以构建自己的应用程序级别协议,而不在JSON响应中发送HTTP重定向,而是发送应用程序重定向,并让js客户端理解它并更改位置,或进行其他操作。 That's an heavily discussed subject. 这是一个讨论很多的话题。
By the way in terms of security/robustness you may have some tweaks to do, like using encodeURI on the location used in your redirect() call and maybe checking that the referer is from a domain that you really handle (or enforcing relatives urls only on the redirect argument of your login page). 顺便说一下,在安全性/鲁棒性方面,您可能需要做一些调整,例如在redirect()调用中使用的位置上使用encodeURI ,并可能检查referer是否来自您真正处理过的域(或仅强制执行亲属网址)在登录页面的redirect参数上)。
解决方案2
1 已采纳 2019-09-02 17:04:36
As @regilero said, problem on client side. 正如@regilero所说,客户端方面的问题。 Your GraphQl server can't change url in browser, because js code makes request, not browser. 您的GraphQl服务器无法在浏览器中更改url,因为js代码而不是浏览器发出请求。
You can catch 30* status of error and make redirect manually on your client code. 您可以捕获30 *错误状态,并在客户端代码上手动进行重定向。
If you use Apollo Client for graphQl, you can follow this guide https://www.apollographql.com/docs/react/features/error-handling/#network-errors 如果您将Apollo Client用于graphQl,则可以遵循本指南https://www.apollographql.com/docs/react/features/error-handling/#network-errors
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.