CORS和AngujarJS和NodejsAPI问题

时间:2015-12-04 11:14:29

标签: angularjs node.js

从这个问题开始,我正在拉我的头发。 我已经构建了一个restfull api ussing nodejs来将json数据提供给angularjs前端。 我已经使用Postdam镀铬扩展测试了我的api,它可以使用我正在构建它的移动应用程序。问题在于角度。

当我尝试从angujar调用端点时,它会触发此错误

No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://188.166.68.124' is therefore not allowed access. The response had HTTP status code 400.

NodeJS配置

var express             = require('express');
var app                 = express();
....
app.use(bodyParser.urlencoded({ extended: true }));
app.use(bodyParser.json());
app.use(morgan("dev"));

app.use(function(req, res, next) {
res.setHeader('Access-Control-Allow-Origin', '*');
res.setHeader('Access-Control-Allow-Methods', 'GET, POST, OPTIONS');
res.setHeader('Access-Control-Allow-Headers', 'X-Requested-With,content-type, Authorization, Access-Control-Allow-Origin, Access-Control-Allow-Headers');
 next();
});

我的一个端点

router.route("/user/login")
    .post(function(req,res){
            var username = req.body.username;
            var password = req.body.password;
            ... username and password comprobation and cleaning....
            User.findOne({username: username},function(err,user){
                    if (err) res.send(err)
                    console.log(user);
                    if (user != null){
                            if (user.password == password)  
                                    res.send(user);
                            }
                            else{
                                    res.send(403);
                            }
                    }
                    else{
                            res.send(403);
                    }
            });
            }
    });

AngularFunction

this.login = function(user,password){
                    var datatoLogin = {"username":user,"password":password};
                    console.log("login function");
                    $http({
                            method:'POST',
                            data: $.param(datatoLogin),
                            headers:{'Access-Control-Allow-Origin': '*'}, // removing this has no effect
                            url: 'http://188.166.68.124:8080/api/user/login'
                            //withCredentials : true
                    }).success(function(data, status, headers, config){
                            console.log(data);
                            this.auth = true
                            //get data from data...
                    }).error(function(data,status,headers,config){
                            console.log("error getted");
                            console.log(data);
                    });
            }

你能帮我们帮我一把吗?

4 个答案:

答案 0 :(得分:2)

试试这个:

this.login = function(user,password){
                        var datatoLogin = {"username":user,"password":password};
                        console.log("login function");
                        $http({
                                method:'POST',
                                data: $.param(datatoLogin),
                                headers:{'Content-Type': 'application/x-www-form-urlencoded; charset=UTF-8'}, // removing this has no effect
                                url: 'http://188.166.68.124:8080/api/user/login'
                                //withCredentials : true
                        }).success(function(data, status, headers, config){
                                console.log(data);
                                this.auth = true
                                //get data from data...
                        }).error(function(data,status,headers,config){
                                console.log("error getted");
                                console.log(data);
                        });
                }

答案 1 :(得分:0)

这对我有用:

// allow cross origin resource sharing
app.use(function(req, res, next) {
    res.header('Access-Control-Allow-Origin', '*');
    res.header('Access-Control-Allow-Headers', 'Origin, X-Requested-With, Content-Type, Accept');
    next();
});

答案 2 :(得分:0)

您在客户端放置了“Access-Control-Allow-Origin”标头,它必须位于服务器端:

app.use(function(req, res, next) {
  res.header("Access-Control-Allow-Origin", "*");
  res.header("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");
  next();
});

app.get('/', function(req, res, next) {
  // Handle the get for this route
});

app.post('/', function(req, res, next) {
 // Handle the post for this route
});

编辑:Uoops,只是看到你把它放在你的节点服务器上。道歉!

答案 3 :(得分:0)

在Angular模块的.config方法中添加以下设置

app.config(['$httpProvider', function($httpProvider) {
        $httpProvider.defaults.useXDomain = true;
        delete $httpProvider.defaults.headers.common['X-Requested-With'];
    }
]);