[英]Getting 401 error on XHR request from local frontend app to local backend Sails JS Blueprint REST route
I have a frontend Vue app running on localhost:8080.我有一个在 localhost:8080 上运行的前端 Vue 应用程序。 I'm attempting to send a request to my backend application, a Sails JS node app, running on localhost:1337.
我正在尝试向我的后端应用程序发送请求,这是一个在 localhost:1337 上运行的 Sails JS 节点应用程序。
My request code from my Vue app looks like this:我的 Vue 应用程序的请求代码如下所示:
actions/index.vue动作/index.vue
async testFetch() {
await fetch('http://localhost:1337/recipe', {
method: 'POST',
headers: {
'Content-Type': 'application/json',
},
body: JSON.stringify({
displayName: 'test',
}),
});
}
According to Chrome devtools, the request appears to be sending properly.根据 Chrome devtools,请求似乎发送正确。 Copied as CURL:
复制为CURL:
curl 'http://localhost:1337/recipe' \
-H 'Connection: keep-alive' \
-H 'User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36' \
-H 'Content-Type: application/json' \
-H 'Accept: */*' \
-H 'Origin: http://localhost:8080' \
-H 'Sec-Fetch-Site: same-site' \
-H 'Sec-Fetch-Mode: cors' \
-H 'Sec-Fetch-Dest: empty' \
-H 'Referer: http://localhost:8080/' \
-H 'Accept-Language: en-US,en;q=0.9' \
--data-binary '{"displayName":"test"}' \
--compressed
My backend app is a Sails JS node app that was created with Sails JS CLI version 1.4.0
.我的后端应用程序是使用 Sails JS CLI 版本
1.4.0
创建的 Sails JS 节点应用程序。 I ran the command sails new
and chose the webapp
option.我运行命令
sails new
并选择了webapp
选项。 I run the app with sails lift
.我用
sails lift
运行应用程序。
I believe I have the proper CORS settings for the Sails app.我相信我为 Sails 应用程序设置了正确的 CORS 设置。 In any case, before I set up CORS setttings, I was getting CORS errors on the frontend, and now I'm not.
无论如何,在我设置 CORS 设置之前,我在前端收到 CORS 错误,现在我没有了。
backend/config/security.js后端/配置/security.js
module.exports.security = {
cors: {
allRoutes: true,
allowOrigins: ['http://localhost:8080'],
},
csrf: false
};
I have disabled csrf for now so as to reduce variables in debugging.我暂时禁用了 csrf,以减少调试中的变量。
According to the Sails JS documentation , if I have enable REST Blueprints, then when I create a Model, there should automatically be routes and actions created for it (if the server is torn down and re-launched with sails lift
).根据Sails JS 文档,如果我启用了 REST 蓝图,那么当我创建 Model 时,应该会自动为其创建路线和操作(如果服务器被拆除并使用
sails lift
重新启动)。 I believe I have the proper configuration to enable this feature:我相信我有正确的配置来启用此功能:
backend/config/blueprints.js后端/配置/blueprints.js
module.exports.blueprints = {
actions: false,
rest: true,
shortcuts: false,
};
I believe I have established a Model properly, so Sails should be creating a Blueprint Route and Blueprint Action for said model:我相信我已经正确地建立了一个 Model,所以 Sails 应该为所说的 model 创建蓝图路线和蓝图动作:
backend/api/models/Recipe.js后端/api/models/Recipe.js
module.exports = {
attributes: {
displayName: {
type: 'string',
required: true,
example: 'Mamas puddin',
},
},
};
As far as I'm aware, I have no conflicting actions or controllers in backend/api/controllers
.据我所知,我在
backend/api/controllers
中没有冲突的操作或控制器。 Also, as far as I'm aware, I have no conflicting routes in backend/config/routes.js
.另外,据我所知,我在
backend/config/routes.js
中没有冲突的路由。 My response as viewed in Chrome devtools is "Unauthorized," with a status code of 401
.在 Chrome devtools 中查看我的响应是“未经授权”,状态代码为
401
。 The terminal running sails lift
shows <- POST /recipe
.运行
sails lift
的航站楼显示<- POST /recipe
。 If I send a request to a different route, say, /foo/bar
, I get a 404. Also, if I navigate my browser to localhost:1337 (rather than simply use the Sails JS app as an API), the default Sails JS webapp functions properly.如果我将请求发送到不同的路由,例如
/foo/bar
,我会收到 404。此外,如果我将浏览器导航到 localhost:1337(而不是简单地使用 Sails JS 应用程序作为 API),默认的 Sails JS webapp 正常运行。
How can I send an XHR request to a Blueprint route on a Sails JS app?如何将 XHR 请求发送到 Sails JS 应用程序上的蓝图路由?
The reason I was getting 401 is that the default Sails webapp has a policy applied to all routes that requires them to be logged in (the login middleware is run on every route), with a few exceptions.我得到 401 的原因是默认的 Sails webapp 有一个策略应用于所有需要它们登录的路由(登录中间件在每条路由上运行),只有少数例外。
In order to use my Blueprint route, I needed to add an exception to this policy for my *action.为了使用我的蓝图路线,我需要为我的 *action 添加一个例外到这个政策。 (EDIT: I believe the policies map to actions rather than routes.)
(编辑:我相信政策 map 是行动而不是路线。)
backend/config/policies.js后端/配置/policies.js
module.exports.policies = {
'*': 'is-logged-in',
// Bypass the `is-logged-in` policy for:
'entrance/*': true,
'account/logout': true,
'view-homepage-or-redirect': true,
'view-faq': true,
'view-contact': true,
'legal/view-terms': true,
'legal/view-privacy': true,
'deliver-contact-form-message': true,
// I needed to add my Model's Blueprint route to the exceptions
'recipe/*': true,
};
I believe true
simply takes place of a possible policy function. In any case, the request now succeeds with a 200
code.我相信
true
只是取代了可能的策略 function。无论如何,请求现在成功并带有200
代码。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.