我遇到了用户登录环回的问题。 当我尝试使用loopback explorer登录时
{
"error": {
"statusCode": 401,
"name": "Error",
"message": "login failed",
"code": "LOGIN_FAILED",
"stack": "Error: login failed\n at d"
}
}
响应:
{
"date": "Tue, 18 Jul 2017 06:20:01 GMT",
"content-encoding": "gzip",
"x-content-type-options": "nosniff",
"x-download-options": "noopen",
"x-frame-options": "DENY",
"content-type": "application/json; charset=utf-8",
"access-control-allow-origin": "http://localhost:10010",
"transfer-encoding": "chunked",
"connection": "keep-alive",
"access-control-allow-credentials": "true",
"vary": "Origin, Accept-Encoding",
"x-xss-protection": "1; mode=block"
}
create-lb-tables :(服务器端)
var server = require('./server');
var ds = server.dataSources["sql-local"];
var lbTables = ['User', 'AccessToken', 'ACL', 'RoleMapping', 'Role'];
ds.automigrate(lbTables, function(er) {
if (er) throw er;
console.log('Loopback tables [' - lbTables - '] created in ', ds.adapter.name);
ds.disconnect();
})
auth.service.js(客户端):
(function () {
'use strict';
angular.module('CrudAngular')
.factory('authService', authService);
authService.$inject = ['User', '$rootScope'];
function authService(User, $rootScope) {
var service = {
login: login,
logout: logout,
register: register,
isAuthenticated: isAuthenticated,
getCurrentUser: getCurrentUser
};
return service;
function login(email, password) {
return User
.login({ email: email, password: password })
.$promise;
}
function logout() {
return User
.logout()
.$promise;
}
function register(email, password) {
return User
.create({
email: email,
password: password
})
.$promise;
}
function isAuthenticated() {
return User.isAuthenticated();
}
function getCurrentUser() {
return User.getCurrent();
}
}
})();
这是登录和app.js的控制器
.controller('LoginController', ['$scope', '$state', 'authService', '$location', function ($scope, $state, authService, $location) {
$scope.login = function () {
authService.login(this.username, this.password).then(function (response) {
$location.path('/home');
console.log(response);
}, function (err) {
alert(err.data.error.message);
console.log(err);
});
};
}])
.run(['$rootScope', '$location', '$http', 'User', function ($rootScope, $location, $http, User) {
console.log(User.isAuthenticated());
$rootScope
.$on('$stateChangeStart',
function (event, toState, toParams, fromState, fromParams) {
$("#ui-view").html("");
$(".page-loading").removeClass("hidden");
});
$rootScope
.$on('$stateChangeSuccess',
function (event, toState, toParams, fromState, fromParams) {
$(".page-loading").addClass("hidden");
});
$rootScope.$on('$locationChangeStart', function (event, next, current) {
// redirect to login page if not logged in and trying to access a restricted page
var restrictedPage = $.inArray($location.path(), ['/login', '/register']) === -1;
if (restrictedPage && !User.isAuthenticated()) {
console.log("Not Authenticated");
$location.path('/login');
}
if (User.isAuthenticated()) {
$location.path('/home');
}
});
}])
login.html:
<div ng-controller="LoginController">
<div class="col-md-6 col-md-offset-3">
<h2>Login</h2>
<form name="form" ng-submit="login()" role="form">
<div class="form-group" ng-class="{ 'has-error': form.username.$dirty && form.username.$error.required }">
<label for="username">Username</label>
<input type="text" name="username" id="username" class="form-control" ng-model="username" required />
<span ng-show="form.username.$dirty && form.username.$error.required" class="help-block">Username is required</span>
</div>
<div class="form-group" ng-class="{ 'has-error': form.password.$dirty && form.password.$error.required }">
<label for="password">Password</label>
<input type="password" name="password" id="password" class="form-control" ng-model="password" required />
<span ng-show="form.password.$dirty && form.password.$error.required" class="help-block">Password is required</span>
</div>
<div class="form-actions">
<button type="submit" ng-disabled="form.$invalid || vm.dataLoading" class="btn btn-primary">Login</button>
<a href="#!/register" class="btn btn-link">Register</a>
</div>
</form>
</div>
答案 0 :(得分:0)
参考此示例here向您展示如何使用google,facebook,twitter
进行Sigin答案 1 :(得分:0)
在帐户/用户模型中添加额外的ACL,如下所述:
"acls": [{
"accessType": "*",
"principalType": "ROLE",
"principalId": "$unauthenticated",
"permission": "ALLOW",
"property": "find"
}]
它将允许帐户(用户)模型获取帐户及其帐户,因为除了POST请求之外,User模型的默认ACL需要对每个请求进行授权。