如何使用angular.js在Strongloop中获取用户信息 [英] How to get User information in strongloop using angular.js

问题描述

我尝试了多种方法来使用Strongloop获取用户列表/功能，并使用lb-ng获取生成的angular.js服务.每次尝试获得任何用户功能时，都会收到一条未经授权的消息.

I've tried many ways to get the users list/functions using strongloop and the generated angular.js services using lb-ng. Every time I try to get any User functionality, I get a message not authorized.

为什么生成的服务文件包含用户功能，而不能从前端调用它.许多文章说这是故意的.这是错误还是我做错了?

Why would the generated service file contain User functions and not be able to call it from front end. Many articles say it's intentional. Is this a bug or am I doing it wrong?

这是我用来检查重复用户的代码.

Here's the code I'm using to check duplicate user.

angular.module('app')
    .controller('UserCtrl', ['$scope', 'User',
        function ($scope, User) {
            $scope.data = {};
            $scope.verificationSent = false;
            $scope.duplicateUser = false;

            $scope.create = function () {
                User
                    .create($scope.data)
                    .$promise
                    .then(function () {
                        $scope.verificationSent = true;
                        console.log('User %s created successfully!', $scope.data['username']);
                    })
            }

            $scope.usernameExists = function () {
                User
                    .findOne({
                        where: {
                            username: $scope.data['username']
                        }
                    })
                    .$promise
                    .then(function (result) {
                        console.log(result);
                    })
            }

        }
    ])

这是我从前端打来的电话.

Here's how I'm calling from front end.

<form  class="form-horizontal" name="form" ng-submit="form.$valid && usernameExists()" novalidate>

这是返回的错误.

GET http://0.0.0.0:3000/api/Users/findOne?where=%7B%22username%22:%22test%22%7D 401 (Unauthorized)

也附带了屏幕截图... 我已经尝试了好几个星期了，请帮忙...

Attached a screenshot too... I'm trying this out for many weeks now, kindly help...

推荐答案

strongloop创建的后端服务需要正确的授权，而您在呼叫中缺少该授权. /Users get呼叫被配置为拒绝所有请求，如果要打开它，则必须明确声明.但是在执行此操作时要小心，您可能会公开私人用户凭据，这通常是不希望的.您想要做的是创建一个服务器端调用，该调用检查用户名是否重复，并相应地进行响应，您可以将此调用允许给所有人，然后从Angular调用此命令并执行您需要的操作.希望解释清楚.

The backend service created by strongloop requires the correct authorization which you are missing in your call. The /Users get call is configured to DENY all requests, if you want to open it up then you have to explicitly state this. But be careful when you are performing this operation, you could expose private user credentials which is usually undesirable. What you want to do is create a server-side call which checks if the username is a duplicate and responds accordingly, and you can have this call be ALLOWED to everyone, and then call this from Angular and do what you need. Hope that explanation was clear.

更新 以下是修改ACL的指南: https://docs.strongloop.com /display/public/LB/Controlling + data + access

UPDATE Here is a guide to modifying ACLs: https://docs.strongloop.com/display/public/LB/Controlling+data+access

这篇关于如何使用angular.js在Strongloop中获取用户信息的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！