登录后如何使用授权标头重定向到新页面?
[英]How to redirect to new page with Authorization Headers after login?
问题描述
I have a login page.
我有一个登录页面。 On click of login button, the details are sent to server and are validated.单击登录按钮时,详细信息将发送到服务器并进行验证。 A token is received in return after successful validation.验证成功后会收到一个令牌作为回报。 I need to know how to redirect to a new page(/dashboard) using this token set as authorization header. Note that I am using vanilla Js我需要知道如何使用此令牌设置为授权 header 重定向到新页面(/仪表板)。请注意,我使用的是 vanilla Js
function login(){
var userEmail = document.getElementById("email_field").value;
var userPass = document.getElementById("password_field").value;
axios
.post('http://localhost:5000/login',{
username: userEmail,
password: userPass,
})
.then( (response) => {
if(response.data.success){
let token = response.data.token;
localStorage.setItem("SavedToken", token);
axios.defaults.headers.common['Authorization'] = token;
//some code here to redirect to localhost:5000/dashboard with authorization header
}
alert(response.data.message);
console.log(response)
})
}
1 个解决方案
解决方案1
0 2022-04-25 10:22:41
I had the same issue when I was writing vanilla authorization app.我在编写香草授权应用程序时遇到了同样的问题。
From my experience there is no easy way to achieve this.根据我的经验,没有简单的方法可以实现这一点。 The browser sends req and without us being able to meddle with the headers, without using http intercepting tool to catch outgoing browser http requests.浏览器发送请求并且我们无法干预标头,而无需使用 http 拦截工具来捕获传出的浏览器 http 请求。
So, one way to allow to send http req and utilize the token we have is to use this work-around: the server serves HTML pages without any issue, but the body is empty.因此,允许发送 http 请求并利用我们拥有的令牌的一种方法是使用此解决方法:服务器服务 HTML 页面没有任何问题,但正文是空的。 For each page the is a built in "onload" function. This function sends anther http req via "fetch" (or any other tools), and gets back the accual page after the token is validated by the server.对于每个页面,都有一个内置的“onload”function。这个 function 通过“fetch”(或任何其他工具)发送另一个 http 请求,并在服务器验证令牌后取回实际页面。 Then you render the accual page into the body.然后将实际页面渲染到正文中。
For Example:例如:
fetch("http://localhost:5454/signup")
.then((res) => res.json())
.then((res) => {
const token = res.token;
localStorage.setItem("token", token);
fetch("http://localhost:5454/", {
headers: {
"Content-Type": "application/json",
Authorization: `Bearer ${token}`,
},
})
.then((res) => res.text())
.then((rawHtml) => {
document.write(rawHtml);
document.close;
});
Another way to do it without sending multiple http request to each endpoint is the single page approuch: You get only the main page of the application that has a nav bar in it.另一种不向每个端点发送多个 http 请求的方法是单页方法:您只获得应用程序的主页,其中有一个导航栏。 Each navbar click sends a req with the token and gets the HTML, and render is to a specific location within the main page.每次导航栏点击都会发送一个带有令牌的请求并获取 HTML,然后渲染到主页中的特定位置。
As I said, this is a very crud way.正如我所说,这是一种非常粗鲁的方式。
Another option is in the server, after the login and in the generation on the token - add the token to a cookie, that the browser will store, and will add to every outgoing request.另一种选择是在服务器中,在登录后并在令牌上生成 - 将令牌添加到浏览器将存储的 cookie 中,并将添加到每个传出请求中。
I will be glad to hear from anyone that has a better solution... ANyway, hope this helps.我很高兴收到任何有更好解决方案的人的来信......无论如何,希望这会有所帮助。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.