MongoDB用户角色可以进行POST调用吗?

时间:2014-11-07 18:34:54

标签: node.js mongodb authentication nginx privileges

我刚刚在 Ubuntu 14.04 上创建了 MongoDB 实例,并通过username:password.进行了身份验证 我创建的用户是这样的:

{
  "_id" : "myDatabase.myUser",
  "user" : "myUser",
  "db" : "myDatabase",
  "roles" : [ { "role" : "readWrite", "db" : "myDatabase" } ]
}

我用我的REST API在 Node.js (使用Express和Mongoose)编写的URI字符串就像:

mongodb://myUser:password@localhost:27017/myDatabase

连接正常,GET方法工作正常,但当我使用POST方法时,如通过电子邮件/密码注册,响应为:

Status Code:405 Not Allowed

有什么想法吗?提前谢谢!

FYI :我使用Nginx作为反向代理,使用Web Server作为前端(AngularJS应用),配置为:

server {
  listen 80;
  server_name example.com;

  access_log /var/log/nginx/nginx.access.log;
  error_log /var/log/nginx/nginx.error.log;

  location / {
    expires -1;
    add_header Pragma "no-cache";
    add_header Cache-Control "no-store, no-cache, must-revalidate, post-check=0, pre-check=0";
    root /usr/share/www;
    try_files $uri $uri/ /index.html =404;
  }

  location /api/v1 {
    proxy_set_header "Access-Control-Allow-Origin";
    proxy_set_header "Access-Control-Allow-Methods" "GET, POST, OPTIONS, PUT, DELETE";
    proxy_set_header "Access-Control-Allow-Headers" "X-Requested-With,Accept,Content-Type, Origin";

    proxy_pass http://127.0.0.1:3000/api/v1;
    proxy_buffering on;

    proxy_set_header    Host        $host;
    proxy_set_header    X-Real-IP   $remote_addr;
    proxy_set_header    X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header    origin      "http://example.com";
  }
}

2 个答案:

答案 0 :(得分:1)

我认为这不是一个mongodb限制。 Mongo无法知道请求是POST还是GET。您是否验证了请求是否到达nodejs服务器?我认为nginx是谁返回405状态代码。

失败可能是由于尝试返回静态页面作为对POST 请求的响应。尝试添加到nginx.conf文件中:

  # To dispatch static pages on POST request
  error_page 405 = 200 $uri;

答案 1 :(得分:0)

我添加了以下内容,nginx至少有效!:

proxy_redirect off;

现在默认的nginx配置是:

server {
  listen 80;
  server_name example.com;

  access_log /var/log/nginx/nginx.access.log;
  error_log /var/log/nginx/nginx.error.log;

 location / {
   expires -1;
   add_header Pragma "no-cache";
   add_header Cache-Control "no-store, no-cache, must-revalidate, post-check=0, pre-check=0";
   root /usr/share/www;
   try_files $uri $uri/ /index.html =404;
 }

 location /api/v1 {
      proxy_set_header 'Access-Control-Allow-Origin' 'http:/example.com';
      proxy_set_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, PUT, DELETE';
      proxy_set_header 'Access-Control-Allow-Headers' 'X-Requested-With,Accept,Content-Type, Origin';

      proxy_pass http://127.0.0.1:3000/api/v1;
      proxy_redirect off;
      proxy_buffering on;

      proxy_set_header    Host        $host;
      proxy_set_header    X-Real-IP   $remote_addr;
      proxy_set_header    X-Forwarded-For $proxy_add_x_forwarded_for;
      proxy_set_header    origin      "http://example.com";
   }
}

我希望这对某人有效。

相关问题
最新问题