Electron Auth0Lock“原始文件://不允许" [英] Electron Auth0Lock "Origin file:// not allowed"

问题描述

试图让 auth0 与我的电子应用程序一起工作.当我按照默认教程尝试使用用户名-密码-身份验证进行身份验证时，锁定失败并显示 403 错误并以不允许原始文件://"作为响应.

Trying to get auth0 working with my electron app. When I follow the default tutorial and try to authenticate with Username-Password-Authentication, the lock fails with a 403 error and responds with "Origin file:// is not allowed".

我还在 auth0 仪表板的客户端设置的允许来源 (CORS) 部分添加了file://*".

I've also added "file://*" to the Allowed Origins (CORS) section of my client settings in the auth0 dashboard.

Auth0 Lock 与控制台错误

不允许使用原始文件://

电子锁设置

var lock = new Auth0Lock(
   'McQ0ls5GmkJRC1slHwNQ0585MJknnK0L', 
   'lpsd.auth0.com', {
    auth: {
            redirect: false,
            sso: false
    }
});

document.getElementById('pill_login').addEventListener('click', function (e) {
    e.preventDefault();
    lock.show();
})

推荐答案

通过在我的电子应用程序中使用内部快速服务器来处理服务页面，我能够让 Auth0 工作.

I was able to get Auth0 to work by using an internal express server in my electron app to handle serving pages.

首先，我在名为 http 的项目中的一个单独文件夹中创建了一个基本的 express 应用程序，这里将提供要提供的 express 服务器代码和 html 文件.

First I created a basic express app in a separate folder in my project called http, here will be the express server code and html files to serve.

const path = require('path');

const express = require('express');
const app = express();

app.use(express.static(process.env.P_DIR)); // Serve static files from the Parent Directory (Passed when child proccess is spawned).

app.use((req, res, next) => {
    res.setHeader('Access-Control-Allow-Origin', 'http://localhost:<PORT>'); // Set this header to allow redirection from localhost to auth0
    next();
})


// Default page to serve electron app
app.get('/index', (req, res) => {
    res.sendFile(__dirname + '/index.html');
})

// Callback for Auth0
app.get('/auth/callback', (req, res) => {
    res.redirect('/index'); 
})

// Listen on some port
app.listen(&lt;SOME_PORT&gt;, (err) => {
    if (err) console.log(err);
    console.log('HTTP Server running on ...');
});

然后在 Electron 主进程中，我将 express 服务器生成为子进程

Then in the Electron main process, I spawn the express server as a child process

const {spawn} = require('child_process');

const http = spawn('node', ['./dist/http/page-server.js'], {
    env: {
        P_DIR: __dirname // Pass the current dir to the child process as an env variable, this is for serving static files in the project
    }
});

// Log standard output
http.stdout.on('data', (data) => {
    console.log(data.toString());
})

// Log errors
http.stderr.on('data', (data) => {
    console.log(data.toString());
})

现在 auth0 锁按预期进行身份验证.

Now the auth0 lock authenticates as expected.

这篇关于Electron Auth0Lock“原始文件://不允许"的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！