我使用Ember Simple Auth进行以下设置: 注意:我使用的是Ember App Kit。
app.js
// init Ember.SimpleAuth
App.initializer({
name: 'authentication',
initialize: function(container, application) {
Ember.SimpleAuth.setup(application, { // @todo at version 0.1.2 of Ember-simple-auth, add container variable
crossOriginWhitelist: ['http://customdomain'],
// store: Ember.SimpleAuth.Stores.LocalStorage, // default now
authenticationRoute: 'article.login'
});
}
});
export
default App;
一个简单的loginController (主要来自Ember App Kit Simple Auth)
var CustomAuthenticator = Ember.SimpleAuth.Authenticators.OAuth2.extend({
serverTokenEndpoint: 'http://customdomain/access_token/',
makeRequest: function(data) {
return Ember.$.ajax({
url: this.serverTokenEndpoint,
type: 'POST',
data: {
grant_type: 'password',
username: data.username,
password: data.password
},
dataType: 'json',
contentType: 'application/x-www-form-urlencoded'
});
}
});
var LoginController = Ember.Controller.extend(Ember.SimpleAuth.LoginControllerMixin, {
authenticator: CustomAuthenticator,
actions: {
// display an error when logging in fails
sessionAuthenticationFailed: function(message) {
console.log('sessionAuthenticationFailed');
this.set('errorMessage', message);
},
// handle login success
sessionAuthenticationSucceeded: function() {
console.log('sessionAuthenticationSucceeded');
this.set('errorMessage', "");
this.set('identification', "");
this.set('password', "");
this._super();
}
}
});
export
default LoginController;
到目前为止,我可以验证用户是否认为是登录表单。但是当我按F5时,我必须再次登录。 LocalStorage适配器为空。所以问题是我需要持久保存令牌和会话吗?
注意:我无法更新到ember-simple-auth 0.1.2,bower无法找到新版本。似乎https://github.com/simplabs/ember-simple-auth-component的github版本不是最新的。
修改 我更新了我的代码如下:
app.js
// init Ember.SimpleAuth
App.initializer({
name: 'authentication',
initialize: function(container, application) {
Ember.SimpleAuth.Authenticators.OAuth2.reopen({
serverTokenEndpoint: 'http://customdomain/access_token'
});
Ember.SimpleAuth.setup(container, application, { // @todo at version 0.1.2 of Ember-simple-auth, add container
crossOriginWhitelist: ['http://customdomain'], // @todo remove when live
// store: Ember.SimpleAuth.Stores.LocalStorage,
authenticationRoute: 'article.login'
});
}
});
export default App;
的LoginController:
var LoginController = Ember.Controller.extend(Ember.SimpleAuth.LoginControllerMixin, {
// authenticator: CustomAuthenticator, // not needed anymore
actions: {
// display an error when logging in fails
sessionAuthenticationFailed: function(message) {
this.set('errorMessage', message);
},
// handle login success
sessionAuthenticationSucceeded: function() {
this.set('errorMessage', "");
this.set('identification', "");
this.set('password', "");
this._super();
}
}
});
export default LoginController;
答案 0 :(得分:3)
之前我没有使用过oauth2身份验证器(只是我写的后端的自定义验证器),但我认为应该适用相同的概念。
刷新页面时,ember-simple-auth会调用您正在使用的oauth2身份验证器的restore方法。 restore方法正在查找名为“access_token”的属性,以确认用户已经对您的服务器进行了身份验证。当您使用access_token处的端点进行身份验证时,您的REST API是否会返回名为http://customdomain/access_token/的属性?如果没有,您希望确保发生这种情况,否则您将遇到正在进行的刷新问题。这是使用ember-simple auth提供的oauth2身份验证器中的恢复方法:
restore: function(properties) {
var _this = this;
return new Ember.RSVP.Promise(function(resolve, reject) {
// It looks for the 'access_token' property here which should have been set
// by the authenticate method if you returned it from your REST API
if (!Ember.isEmpty(properties.access_token)) {
_this.scheduleAccessTokenRefresh(properties.expires_in,
properties.expires_at,
properties.refresh_token);
resolve(properties);
} else {
reject();
}
});
}
此外,我认为在您的sessionAuthenticationSucceeded操作中需要return true。否则,该操作将不会传播到ember-simple-auth ApplicationRouteMixin(除非您没有使用该mixin或者不依赖于其sessionAuthenticationSucceeded方法,在这种情况下无关紧要)。
答案 1 :(得分:2)
这应该用0.1.2修复:github.com/simplabs/ember-simple-auth/releases/tag/0.1.2
我刚刚更新了github.com/simplabs/ember-simple-auth-component