0

I'm currently trying to intergrate a login API with my angular JS app for authentication.

This is my current login function:

  var $promise = $http.post(API + '/login', {
      username: name,
      password: pw
  });

  $promise.then(function(msg){
    if(msg.data.success == true){
      resolve('Login success.');
    }else{
      reject('Login Failed.');
    }
  });

It's successfully returning when successful, however when I try to GET the settings from the user using the API I'm getting an error for unauthorization.

This is my GET request:

   $http({
       method: 'GET',
       url: API + '/account/settings',
       withCredentials: true
   }).then(function successCallback(response) {
       // SUCCESS
   }, function errorCallback(response) {
       // ERROR
   });

It's really, really puzzling me. I can use Postman to make the API call to login and then GET from the settings, but can't for the life of me get this working.

These are my response headers from the LOGIN request:

Access-Control-Allow-Credentials:true
Access-Control-Allow-Origin:http://localhost:8100
Connection:keep-alive
Content-Length:171
Content-Type:application/json; charset=utf-8
Date:Tue, 20 Dec 2016 21:30:05 GMT
ETag:W/"ab-vCrnhzn26fE4borN6cmpAw"
set-cookie:connect.sid=s%3A1EF4OfHQ2uYb750QvccZB4pnNCyTsAfd.ISmVn3vE5jXjEwmLbtsQK4O339%2Fw74K3Y613f4%2FcTKE; Path=/; HttpOnly
Vary:Origin, X-HTTP-Method-Override, Accept-Encoding
Improve this question
5
  • When you get the result back from that login API, do you see any authorization header being added to the response, and if so have you added that to the next request header? Commented Dec 20, 2016 at 21:19
  • Hey @YaserAdelMehraban, I'm getting a body response back with the success and then I get the following back in the response headers: Commented Dec 20, 2016 at 21:24
  • HTTP/1.1 200 OK Access-Control-Allow-Origin: localhost:8100 Vary: Origin, X-HTTP-Method-Override, Accept-Encoding Access-Control-Allow-Credentials: true Content-Type: application/json; charset=utf-8 Content-Length: 171 ETag: W/"ab-vCrnhzn26fE4borN6cmpAw" set-cookie: connect.sid=s%3AEtJZCOqfGu4UqZnLGDIfIZXjAYKUQx12.EqyopERh6bEgIawPrtY5Jwqe7HqB5FFBgefqUy%2BSsrk; Path=/; HttpOnly Date: Tue, 20 Dec 2016 21:20:26 GMT Connection: keep-alive Commented Dec 20, 2016 at 21:24
  • Can you update your post with the response (hard to read in comments). Not sure what kind of server you are using for that API but usually you will need an authorization header which is coming from a successful login, added to the request, take a look at here: oskarhane.com/add-authorization-header-to-angularjs-http Commented Dec 20, 2016 at 21:28
  • Hey @YaserAdelMehraban, that's updated now. I'm using Drywall on Node and the REST API that is in that. It shouldn't be an issue with the API if I can login successfully with Postman though should it? Commented Dec 20, 2016 at 21:32

1 Answer 1

Reset to default
1

I traced back the server you are using and found a project called ngFrame which consumes almost all of the API's of Drywall, there are samples of authentication as well there.

There is a function called setAuthHeader in the source you can take a look at:

function setAuthHeader(user) {
    $http.defaults.headers.common['Authorization'] = user.authHeader
}

The use which is passed in here is coming from the response of the post to login:

$http.post('/api/login', user).success(function(user) {});

Here is the GitHub page.

Improve this answer
Sign up to request clarification or add additional context in comments.

5 Comments

Hey, I'm currently using this: github.com/arthurkao/angular-drywall which is the angular version of Drywall which is all setup and working. So are you saying that my login post is wrong? or the response back isn't right?
Yap if you take a look at security.js there is nowhere that sets authentication header. Not even in the interceptor they are using for retry unauthorized-server
Damn, so it's nothing I can simply edit to get working?
I recommend taking a look at the ngFrame and see if you can find an example with that, then search for login issues with angular-drywall
Well it's actually working now, I've not changed anything. I'm very confused. Thanks for your help though dude, greatly appreciated.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.