允许cors在Express.js服务器上的Spotify API的jQuery POST请求 [英] Allowing cors jQuery POST requests to Spotify API on Express.js server

问题描述

为了在我的网络应用程序中获取Spotify API的访问令牌（由其Web授权流程指定），我了解到我必须创建一个 POST 请求。但是，当我这样做，我得到 XMLHttpRequest 500错误由于跨源问题。

In order to get an access token for the Spotify API in my web app (as specified by their Web Authorization Flow), I've learned that I have to make a POST request. However, when I do so, I get the XMLHttpRequest 500 Error due to the cross-origin problem.

我已经弄清楚如何允许CORS GET 请求，但不知道如何做同样的 POST 请求。 此链接提供了配置提示，但它保留了 GET 和 POST 空白。

I have already figured out how to allow CORS GET requests, but am not sure how to do the same for POST requests. This link provides configuration tips, but it leaves the actual routes for GET and POST blank.

这是我的Express.js服务器的相关代码：

This is the relevant code for my Express.js server:

app.use(function(req, res, next) {
  res.header("Access-Control-Allow-Origin", "*");
  res.header("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");
  next();
});



app.use(express.static(__dirname + '/public')); // looks in public directory, not root directory (protects files)

app.get('/', function(req, res) {
  // res.header("Access-Control-Allow-Origin", "*");
  // res.header("Access-Control-Allow-Headers", "X-Requested-With");
  res.send(__dirname + '\\index.html')
});

app.post('/', function(req, res) {
    res.send(req.body.spotify);
});

（ spotify

我之前尝试复制 app.get 到 app.post ，但是会导致服务器崩溃。

I've previously tried copying the exact code for app.get into app.post, but that caused the server to crash.

这是我的程序的JavaScript文件中的位，打算发送一个 POST 请求后，用户点击一个按钮，使他们开始Spotify的授权路径并批准登录：

This is the bit of code in my program's JavaScript file that intends to send a POST request after the user clicks on a button that takes them to the start of Spotify's authorization path and approves the sign-in:

$('#spotify').on('click', function() {
    $.support.cors = true;

    $.post("https://accounts.spotify.com/api/token");

      });

（在这种情况下， spotify HTML文件中按钮的ID）

(in this case, spotify is the ID for the button in the HTML file)

在这种情况下，我该如何绕过CORS问题？

What should I do to bypass the CORS issue in this case? I've been stumped for a few days.

推荐答案

您可以找到一个使用express执行Spotify认证流程的示例上 https://github.com/spotify/web-api-auth-examples（参见 authorization_code 方法）。

You can find an example of using express to perform the authentication flow with Spotify on https://github.com/spotify/web-api-auth-examples (see the authorization_code approach).

您无法获取访问令牌作出客户端请求到 / api / token 。您需要向 / authorize 提出请求，该请求将重定向到您的 redirect_uri ，本身将交换<$

You can't get an access token making a client-side request to /api/token. You need to make a request to /authorize, which will redirect to your redirect_uri, which itself will exchange a code with an access token.

检查该示例，这应该满足您的需求。

Check that example, which should cover your needs.

这篇关于允许cors在Express.js服务器上的Spotify API的jQuery POST请求的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！