问题:
发布到我们的身份验证服务器时,我遇到401授权问题,即将会话转换为令牌(ConvertSessionToToken)。
背景:
ServiceStack API-身份验证设置
Plugins.Add(new AuthFeature(() => new CustomUserSession(), new IAuthProvider[] {
new JwtAuthProvider(AppSettings)
{
RequireSecureConnection = false,
IncludeJwtInConvertSessionToTokenResponse = true
},
new CredentialsAuthProvider(), //HTML Form post of UserName/Password credentials
}));
还启用了CORS
Plugins.Add(new CorsFeature(
allowOriginWhitelist: new[] {
"http://localhost:3000" },
allowCredentials: true,
allowedHeaders: "Content-Type, Allow, Authorization",
maxAge: 60 * 60)); //Cache OPTIONS permissions
UI-gateway.js
const BaseUrl = "https://acpdapi.azurewebsites.net/"; // .NET Core App Server on Azure
export const client = new JsonServiceClient(BaseUrl);
export const getSessionInfo = async () => {
try {
//Converts Session to JWT Token Cookie
// Issue: 401 Auth - requested resource requires authentication
const authResponse = await client.post(new ConvertSessionToToken());
client.bearerToken = authResponse.accessToken;
//Remove unnecessary JWT from HTTP Headers so only JWT Cookie is used
client.headers.delete("Authorization");
return response;
} catch (e) {
return null;
}
};
export const logout = async () => {
const request = new Authenticate();
request.provider = "logout";
// await getSessionInfo();
await client.post(request);
};
export const login = async (provider, userName, password) => {
console.log("authenticating...");
await logout();
const request = new Authenticate();
request.provider = provider;
request.userName = userName;
request.password = password;
request.useTokenCookie = true;
var response = await client.post(request);
// happy days - I am getting successful token
await getSessionInfo();
//return response;
return `/${provider}`;
};
问题
我一定很想念一些明显的东西。从本地服务器(即http://localhost:5000或https:///localhost:5001)提供.NET Core API时,我没有遇到报告的问题。
问题是什么-当我成功通过身份验证时,为什么在寻找ConvertSessionToToken时遇到身份验证问题?
谢谢