gpt4 book ai didi

go - 连接到Go Gin时的Angular 8 CORS

转载 作者:行者123 更新时间:2023-12-01 22:16:41 25 4
gpt4 key购买 nike

我用Golang的Gin frameworkJWT middleware for it构建了一个后端。这是official example from the readme,我使用了它:

main.go

package main

import (
"log"
"net/http"
"os"
"time"

"github.com/appleboy/gin-jwt/v2"
"github.com/gin-gonic/gin"
)

type login struct {
Username string `form:"username" json:"username" binding:"required"`
Password string `form:"password" json:"password" binding:"required"`
}

var identityKey = "id"

func helloHandler(c *gin.Context) {
claims := jwt.ExtractClaims(c)
user, _ := c.Get(identityKey)
c.JSON(200, gin.H{
"userID": claims[identityKey],
"userName": user.(*User).UserName,
"text": "Hello World.",
})
}

// User demo
type User struct {
UserName string
FirstName string
LastName string
}

func main() {
port := os.Getenv("PORT")
r := gin.New()
r.Use(gin.Logger())
r.Use(gin.Recovery())

if port == "" {
port = "8000"
}

// the jwt middleware
authMiddleware, err := jwt.New(&jwt.GinJWTMiddleware{
Realm: "test zone",
Key: []byte("secret key"),
Timeout: time.Hour,
MaxRefresh: time.Hour,
IdentityKey: identityKey,
PayloadFunc: func(data interface{}) jwt.MapClaims {
if v, ok := data.(*User); ok {
return jwt.MapClaims{
identityKey: v.UserName,
}
}
return jwt.MapClaims{}
},
IdentityHandler: func(c *gin.Context) interface{} {
claims := jwt.ExtractClaims(c)
return &User{
UserName: claims[identityKey].(string),
}
},
Authenticator: func(c *gin.Context) (interface{}, error) {
var loginVals login
if err := c.ShouldBind(&loginVals); err != nil {
return "", jwt.ErrMissingLoginValues
}
userID := loginVals.Username
password := loginVals.Password

if (userID == "admin" && password == "admin") || (userID == "test" && password == "test") {
return &User{
UserName: userID,
LastName: "Bo-Yi",
FirstName: "Wu",
}, nil
}

return nil, jwt.ErrFailedAuthentication
},
Authorizator: func(data interface{}, c *gin.Context) bool {
if v, ok := data.(*User); ok && v.UserName == "admin" {
return true
}

return false
},
Unauthorized: func(c *gin.Context, code int, message string) {
c.JSON(code, gin.H{
"code": code,
"message": message,
})
},
// TokenLookup is a string in the form of "<source>:<name>" that is used
// to extract token from the request.
// Optional. Default value "header:Authorization".
// Possible values:
// - "header:<name>"
// - "query:<name>"
// - "cookie:<name>"
// - "param:<name>"
TokenLookup: "header: Authorization, query: token, cookie: jwt",
// TokenLookup: "query:token",
// TokenLookup: "cookie:token",

// TokenHeadName is a string in the header. Default value is "Bearer"
TokenHeadName: "Bearer",

// TimeFunc provides the current time. You can override it to use another time value. This is useful for testing or if your server uses a different time zone than your tokens.
TimeFunc: time.Now,
})

if err != nil {
log.Fatal("JWT Error:" + err.Error())
}

r.POST("/login", authMiddleware.LoginHandler)

r.NoRoute(authMiddleware.MiddlewareFunc(), func(c *gin.Context) {
claims := jwt.ExtractClaims(c)
log.Printf("NoRoute claims: %#v\n", claims)
c.JSON(404, gin.H{"code": "PAGE_NOT_FOUND", "message": "Page not found"})
})

auth := r.Group("/auth")
// Refresh time can be longer than token timeout
auth.GET("/refresh_token", authMiddleware.RefreshHandler)
auth.Use(authMiddleware.MiddlewareFunc())
{
auth.GET("/hello", helloHandler)
}

if err := http.ListenAndServe(":"+port, r); err != nil {
log.Fatal(err)
}
}

我在Angular 8中的身份验证服务如下所示:

身份验证服务
headers = new HttpHeaders({ "Content-Type": "application/json" });

login(username: string, password: string): Promise<any> {
const url: string = `${this.BASE_URL}` + "/login";
const request = this.http
.post(
url,
JSON.stringify({ username: username, password: password }),
{ headers: this.headers }
)

.toPromise();

return request;
}

但这在Chrome中给我一条错误消息:
Access to XMLHttpRequest at 'http://127.0.0.1:8000/api/login' from origin 'http://localhost:4200' has been blocked by CORS policy: Request header field content-type is not allowed by Access-Control-Allow-Headers in preflight response.

在控制台中,Gin返回状态代码204。

我以为这是一个CORS问题,因此我实现了Gin的 CORS middleware:
r.Use(cors.New(cors.Config{
AllowOrigins: []string{"http://localhost:8000"},
AllowMethods: []string{"PUT", "PATCH"},
AllowHeaders: []string{"Origin"},
ExposeHeaders: []string{"Content-Length"},
AllowCredentials: true,
AllowOriginFunc: func(origin string) bool {
return origin == "https://github.com"
},
MaxAge: 12 * time.Hour,
}))

不幸的是,它仍然无法正常工作。如果我将POST方法添加到允许的方法中,也不会这样:
AllowMethods:     []string{"PUT", "PATCH", "POST"}

我的最后尝试是使用代理,如 Angular documentation中所述:

proxy.conf.json
{
"/api": {
"target": "http://localhost:8000",
"secure": false
}
}

angular.json
"options": {
"browserTarget": "your-application-name:build",
"proxyConfig": "src/proxy.conf.json"
}

我从ng serve重新开始,但是仍然出现错误(我根据代理文件中的配置将auth.service和main.go中的URL更改为/ api / login)。

我在这里做错了什么?

最佳答案

AllowHeaders: []string{"Origin"}更改为AllowHeaders: []string{"content-type"}

关于go - 连接到Go Gin时的Angular 8 CORS,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/59516369/

25 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com