I have built a REST API in Python using SQLAlchemy, Flask and Authlib (OAuth framework).
This API runs in a Docker container in which I have configured SSL, CORS, permanent session ...
When I try to request a token on the API using Axios in a React application, it works:
    axios({
        method: "post",
        url: `.../user/login`,
        data: {username, password}
    }).then(response => {
        ...
    }).catch(error => {
        ...
    })
But when I try to revoke this token by making an Axios request to the logout middleware endpoint, I receive Uncaught (in promise) Error: Request failed with status code 403:
    axios({
        method: "post",
        url: `.../user/logout`,
        headers: {Authorization: `Bearer ${this.props.login.access_token}`},
    }).then(response => {
        ...
    }).catch({
        ...
    })
I don't understand it. If I issue a token and revoke it using an application like Postman or Insomnia, it works.
How can I fix it? Why is it happening?
I researched and found some threads, but I still have this issue: Async requests to a web service, Uncaught (in promise) Error: Request failed with status code 404 ...
Obs ¹: I can't show the API source code for legal reasons with my employer.
Obs ²: I'm assuming it's an async / sync problem, but I'm not 100% sure.
Usually, you get a Forbidden 403 response when you lack permissions to make the request. I think this has something to do with CORS. Can you please check the Network tab in your browser to make sure both the requests you make (through Postman and in the browser) look the same and, if there's an OPTIONS request, what's the response?
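An added example (not part of the original thread, and not the asker's API): one way the CORS explanation above can play out, assuming the API's auth check also runs on OPTIONS requests. The browser's preflight for a request with an `Authorization` header carries no token, so the check rejects it, while Postman sends no preflight at all. The function names, origin and token are constructed for illustration.

```python
# Added example: stdlib-only WSGI sketch; all names and values are hypothetical.
from wsgiref.util import setup_testing_defaults

ALLOWED_ORIGIN = "https://app.example"   # constructed front-end origin
VALID_TOKEN = "constructed-token"        # constructed sample token

def logout_app(environ, start_response):
    """Stand-in for a protected /user/logout that checks auth on every method."""
    if environ.get("HTTP_AUTHORIZATION") != f"Bearer {VALID_TOKEN}":
        start_response("403 Forbidden", [("Content-Type", "text/plain")])
        return [b"forbidden"]
    start_response("200 OK", [("Content-Type", "text/plain"),
                              ("Access-Control-Allow-Origin", ALLOWED_ORIGIN)])
    return [b"token revoked"]

def cors_preflight(app):
    """Answer CORS preflights before the auth check ever sees them."""
    def wrapper(environ, start_response):
        is_preflight = (environ["REQUEST_METHOD"] == "OPTIONS"
                        and "HTTP_ACCESS_CONTROL_REQUEST_METHOD" in environ)
        if is_preflight and environ.get("HTTP_ORIGIN") == ALLOWED_ORIGIN:
            start_response("204 No Content", [
                ("Access-Control-Allow-Origin", ALLOWED_ORIGIN),
                ("Access-Control-Allow-Methods", "POST"),
                ("Access-Control-Allow-Headers", "Authorization, Content-Type"),
                ("Vary", "Origin"),
            ])
            return [b""]
        return app(environ, start_response)   # real requests still hit the auth check
    return wrapper

def call(app, method, headers):
    """Invoke a WSGI app in-process and return (status_code, response_headers)."""
    environ = {}
    setup_testing_defaults(environ)
    environ["REQUEST_METHOD"] = method
    environ["PATH_INFO"] = "/user/logout"
    for name, value in headers.items():
        environ["HTTP_" + name.upper().replace("-", "_")] = value
    seen = {}
    def start_response(status, response_headers):
        seen.update(status=int(status.split()[0]), headers=dict(response_headers))
    b"".join(app(environ, start_response))
    return seen["status"], seen["headers"]

# What the browser sends first: the preflight names the header but carries no token.
PREFLIGHT = {"Origin": ALLOWED_ORIGIN,
             "Access-Control-Request-Method": "POST",
             "Access-Control-Request-Headers": "authorization"}
```

Calling `call(logout_app, "OPTIONS", PREFLIGHT)` reproduces the 403 on the preflight, and `call(cors_preflight(logout_app), "OPTIONS", PREFLIGHT)` shows the preflight answered while a POST without a valid token is still refused.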