emberjs 处理 401 未授权 [英] emberjs handle 401 not authorized
问题描述
我正在构建一个 ember.js 应用程序并挂断了身份验证.json rest 后端是 rails.每个请求都使用会话 cookie (warden) 进行身份验证.
I am building an ember.js application and am hung up on authentication. The json rest backend is rails. Every request is authenticated using a session cookie (warden).
当用户第一次导航到应用程序根时,rails 会重定向到登录页面.一旦会话被授权,ember.js 应用程序就会被加载.加载后,ember.js 应用程序使用 ember-data RESTadapter 和会话向后端发出请求以进行授权.
When a user first navigates to the application root rails redirects to a login page. Once the session is authorized the ember.js app is loaded. Once loaded the ember.js app makes requests to the backend using ember-data RESTadapter and the session for authorization.
问题是会话将在预定时间后到期.很多时候发生这种情况时 ember.js 应用程序仍然加载.因此,对后端的所有请求都返回 401 {not autorized} 响应.
The problem is the session will expire after a predetermined amount of time. Many times when this happens the ember.js app is still loaded. So all requests to the backend return a 401 {not autorized} response.
为了解决这个问题,我认为 ember.js 应用程序需要在每次从服务器返回 401 {not autorized} 响应时使用登录模式通知用户.
To fix this problem I am thinking the ember.js app needs to notify the user with a login modal every time a 401 {not autorized} response is returned from the server.
有谁知道如何监听 401 {not autorized} 响应并允许用户重新登录而不丢失任何更改或状态.
Does anyone know how to listen for a 401 {not autorized} response and allow the user to re-login without losing any changes or state.
我见过其他方法,例如令牌授权,但我担心安全隐患.
I have seen other approaches such as token authorization but I am concerned with the security implications.
有人对此问题有有效的解决方案吗?
Anybody have a working solution to this problem?
推荐答案
AFAIK 这不是由 ember-data 的当前实现解决的,并且 ember-data README 指出处理错误状态"位于 路线图.
AFAIK this is not addressed by the current implementation of ember-data and the ember-data README states that "Handle error states" is on the Roadmap.
暂时,您可以实现自己的错误处理适配器.看看DS的实现.RestAdapter .通过将其用作启动器,在其中添加错误处理应该不会太困难(例如,只需将错误函数添加到传递给 jQuery.ajax 调用的数据散列中).
For the time being, you can implement your own error handling adapter. Take a look at the implementation of the DS.RestAdapter . By using that as a starter, it should not be too difficult to add error handling in there (e.g simply add an error function to the the data hash that is passed to the jQuery.ajax call).
这篇关于emberjs 处理 401 未授权的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
