从这个问题开始,我正在拉我的头发。 我已经构建了一个restfull api ussing nodejs来将json数据提供给angularjs前端。 我已经使用Postdam镀铬扩展测试了我的api,它可以使用我正在构建它的移动应用程序。问题在于角度。
当我尝试从angujar调用端点时,它会触发此错误
No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://188.166.68.124' is therefore not allowed access. The response had HTTP status code 400.
NodeJS配置
var express = require('express');
var app = express();
....
app.use(bodyParser.urlencoded({ extended: true }));
app.use(bodyParser.json());
app.use(morgan("dev"));
app.use(function(req, res, next) {
res.setHeader('Access-Control-Allow-Origin', '*');
res.setHeader('Access-Control-Allow-Methods', 'GET, POST, OPTIONS');
res.setHeader('Access-Control-Allow-Headers', 'X-Requested-With,content-type, Authorization, Access-Control-Allow-Origin, Access-Control-Allow-Headers');
next();
});
我的一个端点
router.route("/user/login")
.post(function(req,res){
var username = req.body.username;
var password = req.body.password;
... username and password comprobation and cleaning....
User.findOne({username: username},function(err,user){
if (err) res.send(err)
console.log(user);
if (user != null){
if (user.password == password)
res.send(user);
}
else{
res.send(403);
}
}
else{
res.send(403);
}
});
}
});
AngularFunction
this.login = function(user,password){
var datatoLogin = {"username":user,"password":password};
console.log("login function");
$http({
method:'POST',
data: $.param(datatoLogin),
headers:{'Access-Control-Allow-Origin': '*'}, // removing this has no effect
url: 'http://188.166.68.124:8080/api/user/login'
//withCredentials : true
}).success(function(data, status, headers, config){
console.log(data);
this.auth = true
//get data from data...
}).error(function(data,status,headers,config){
console.log("error getted");
console.log(data);
});
}
你能帮我们帮我一把吗?
答案 0 :(得分:2)
试试这个:
this.login = function(user,password){
var datatoLogin = {"username":user,"password":password};
console.log("login function");
$http({
method:'POST',
data: $.param(datatoLogin),
headers:{'Content-Type': 'application/x-www-form-urlencoded; charset=UTF-8'}, // removing this has no effect
url: 'http://188.166.68.124:8080/api/user/login'
//withCredentials : true
}).success(function(data, status, headers, config){
console.log(data);
this.auth = true
//get data from data...
}).error(function(data,status,headers,config){
console.log("error getted");
console.log(data);
});
}
答案 1 :(得分:0)
这对我有用:
// allow cross origin resource sharing
app.use(function(req, res, next) {
res.header('Access-Control-Allow-Origin', '*');
res.header('Access-Control-Allow-Headers', 'Origin, X-Requested-With, Content-Type, Accept');
next();
});
答案 2 :(得分:0)
您在客户端放置了“Access-Control-Allow-Origin”标头,它必须位于服务器端:
app.use(function(req, res, next) {
res.header("Access-Control-Allow-Origin", "*");
res.header("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");
next();
});
app.get('/', function(req, res, next) {
// Handle the get for this route
});
app.post('/', function(req, res, next) {
// Handle the post for this route
});
编辑:Uoops,只是看到你把它放在你的节点服务器上。道歉!
答案 3 :(得分:0)
在Angular模块的.config方法中添加以下设置
app.config(['$httpProvider', function($httpProvider) {
$httpProvider.defaults.useXDomain = true;
delete $httpProvider.defaults.headers.common['X-Requested-With'];
}
]);