在具有环回后端的angular应用中通过Facebook登录 [英] Login by facebook in angular app with loopback backend
问题描述
我正在使用Strongloop回送后端制作一个有角度的应用程序.
I'm making an angular application with strongloop loopback backend.
我还使用loopback-passport模块集成了Facebook的第三方登录.
Also I integrating a third party login by facebook using loopback-passport module.
在loopback-example-passport中一切都很好,并且在重定向到我的应用之前,我的应用中的一切都很好.用户和访问令牌已创建.
everything was fine in loopback-example-passport and everything is fine in my app right before the moment of redirecting to my app. User and Access-token created.
代码:
app.get('/auth/login', ensureLoggedIn('/#login'), function(req, res, next) {
console.log('LOOGED IN!!');
console.log(req.user);
res.redirect('/#auth/login');
});
正常工作.但是我听不懂.如何为我的角度应用程序提供经过身份验证的状态.
works fine. But i can't understand. how to give authenticated state to my angular application.
我试图制作一个控制器来路由'/#auth/login':
i tried to make a controller to route '/#auth/login':
.controller('AuthCalbackCtrl', function($scope, $cookies, $location, AppAuth, $http, User, LoopBackAuth) {
//analogue of User.login responce interceptor
LoopBackAuth.currentUserId = $cookies['userId'] || null;
LoopBackAuth.accessTokenId = $cookies['access-token'] || '';
LoopBackAuth.rememberMe = false;
LoopBackAuth.save();
//asking for currentUser
User.getCurrent(function(user) {
console.log('ser.getCurrent ', user);
});
$location.path('/');
})
此代码发出GET/api/users/2请求,但收到401错误.
This code makes a request GET /api/users/2 but receives 401 error.
如果我调整文件/loopback/lob/models/user.js的设置权限:
If I tweak the file /loopback/lob/models/user.js setting permission:
principalType: ACL.ROLE,
// principalId: Role.OWNER,
principalId: Role.EVERYONE,
permission: ACL.ALLOW,
property: "findById"
然后,请求GET/api/users/2收到200,一切正常.
Then the request GET /api/users/2 receives 200 and everything ok.
我有点困惑.尽管我知道access-token和userId
I'm a little confused. I can`t understand how to make my angular app authenticate to loopback, although i know access-token and userId
有人对如何做有任何想法吗?
Have anybody any ideas how to do it?
推荐答案
此处是有效的代码.
app.get('/auth/login', function(req, res, next) {
//workaround for loopback-password
//without this angular-loopback would make incorrect authorization header
res.cookie('access-token', req.signedCookies['access-token']);
res.cookie('userId', req.user.id);
res.redirect('/#auth/login');
});
问题在于回送护照对cookie进行签名:
The problem is that loopback-passport signs cookie:
res.cookie('access-token', info.accessToken.id, { signed: true,
maxAge: info.accessToken.ttl });
在字符串中,它看起来类似于以下"s:.eBvo8bpo9Q9wnNrPjjlG%2FAcYqWkxEgNFqn%2FO54rdGwY"
In string it looks something like the following "s:.eBvo8bpo9Q9wnNrPjjlG%2FAcYqWkxEgNFqn%2FO54rdGwY"
但是loopback-angular只是将访问令牌复制到header.authorization,因此我们需要在其中放置简单的cookie.
But loopback-angular just copies the access-token to header.authorization, so we need to put there plain cookie.
这篇关于在具有环回后端的angular应用中通过Facebook登录的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!