Sailsjs + vuejs + axios + CSRF令牌 [英] Sailsjs + vuejs + axios + CSRF tokens
问题描述
我有些事不明白.总是收到错误403.我在frontend(vue.js)中有一个代码,在这里我从Sails.js中获得了一个令牌_csrf,没关系.
i some thing not understand. Always get an error 403. I have a code in frontend(vue.js), here I get a token _csrf from Sails.js, its ok.
axios.get('http://localhost:1337/csrfToken')
.then(response => {
this.$store.commit('csrf_update', response.data._csrf);
console.log("_csrf===",response.data._csrf);
axios.defaults.headers.post['X-CSRF-Token'] = response.data._csrf;
})
我有一个后端sails.js,在security.js中设置
And i have a backend sails.js, settings in security.js
cors: {
allRoutes: true,
allowOrigins: 'http://localhost:8080',
allowCredentials: false,
allowRequestMethods:'GET, POST',
allowRequestHeaders:'content-type, X-CSRF-Token'}, csrf: true
我有一个像这样的令牌_csrf: lM8avM1X-KvKz9v2zLnbQZFf8lKOThX9Llb4
并且在请求时出现错误403.
i have a token like that _csrf: lM8avM1X-KvKz9v2zLnbQZFf8lKOThX9Llb4
And i have error 403 when request.
axios.post('http://localhost:1337/login', form)
.then(response => {
this.$router.push('/kabinet');
}).catch(error => { console.log(error); });
那是我的标题
怎么了?
推荐答案
因此,一切都非常简单.
在(sails.js)文件security.js中更改allowCredentials: true
上的allowCredentials: false
,并在前端(vue.js)中更改轴距,像这样添加参数withCredentials: true
So, everything was very simple.
In the (sails.js) file security.js to change allowCredentials: false
on allowCredentials: true
, and in frontend (vue.js) change axion, add parameter withCredentials: true
like this
axios.get('http://localhost:1337/csrfToken',{
withCredentials: true
}).then(response => {
console.log("_csrf===",response.data._csrf);
axios.defaults.headers.post['X-CSRF-Token'] = response.data._csrf;
})
,并且在所有axios中,请求必须为withCredentials: true
and in all axios requests must be withCredentials: true
这篇关于Sailsjs + vuejs + axios + CSRF令牌的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!