使用angularJS代码设置$ _SESSION（php）与远程服务器不工作 [英] setting $_SESSION (php) with remote server using angularJS code not working

问题描述

我有一个api与php实现登录认证：

I have an api with php implemented for login authenrication:

http://somerestsertver.net/sampleapi/auth-login 这将设置登录会话ID（例如在验证用户凭据后）

http://somerestsertver.net/sampleapi/auth-login this sets the login session id (e.g. after verifying user credentials)

< a href =http://somerestsertver.net/sampleapi/auth-check =nofollow> http://somerestsertver.net/sampleapi/auth-check 这将检查登录是否有效，如果会话id已设置

http://somerestsertver.net/sampleapi/auth-check this checks the login is valid if the session id is set or not

http：// somerestsertver .net / sampleapi / auth-logout ，这会破坏会话并需要注销...

http://somerestsertver.net/sampleapi/auth-logout and this destroys the session and needed logout ...

我使用$ _SESSION [id] = 1当代码
中的auth登录然后auht-check将会正确，否则auth检查将包含错误。

I set login with $_SESSION["id"]=1 when auth-login in the code then auht-check would be ok, otherwise the auth-check would contain errors.

当我调用浏览器中的这些网址或ReST客户端
，但在我的angularJS代码中使用它们会返回 http： //somerestsertver.net/sampleapi/auth-check ！

it is ok when I call these urls in browser or a ReST Client, but using them in my angularJS code returns errors for http://somerestsertver.net/sampleapi/auth-check!

似乎会话集在客户端中无法通过PHPSESSID使用，并且无法正常工作
它与沙箱或CORS或html头请求相关吗？

it seems the session set is not available via PHPSESSID in the client and it is not working properly Is it related to sandbox or CORS or html header requests?

推荐答案

客户端，在angularJS中，我将其放在我的route-config中以申请对ReST-API的所有请求

Client side, in angularJS I put this in my route-config to apply for all request to ReST-API

$httpProvider.defaults.withCredentials = true;

我想我应该主要使用.htaccess的web服务器：

I think I should have mainly use in .htaccess for web server:

Header add Access-Control-Allow-Credentials "true"

但是为了您的注意，我更新了整个.htaccess文件到以下：

but for your attention, I updated finally the whole .htaccess file to the following:

Header add Access-Control-Allow-Origin "http://localhost:3000"
Header add Access-Control-Allow-Credentials "true"
Header add Access-Control-Allow-Headers "origin, x-requested-with, content-type"
Header add Access-Control-Allow-Methods "GET, POST"
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ index.php [QSA,L]
<FilesMatch "\.php$">
Order Allow,Deny
Deny from all
</FilesMatch>
<FilesMatch "index[0-9]?\.php$">
Order Allow,Deny
Allow from all
</FilesMatch>

我也使用下面的命令在php中进行JSON响应：
$ response =desired JSON response OBJECT;
$ status ='OK or unauthenticated or ...';
$ status ='200 or 403 or ...';
header（Content-Type：application / json）;
header（HTTP / 1.1 $ status $ status_message）;
echo json_encode（$ response）;
exit（）;

also I use the following for JSON response in php: $response="desired JSON response OBJECT"; $status='OK or unauthenticated or ...' ; $status='200 or 403 or ...'; header("Content-Type:application/json"); header("HTTP/1.1 $status $status_message"); echo json_encode($response); exit();

希望这个问题和答案能帮助你

Hope this question and answer helps you

这篇关于使用angularJS代码设置$ _SESSION（php）与远程服务器不工作的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！