401 Error with post request Stormpath Express + Re

2019-07-29 09:31发布

问题:

When attempting to login any user, the following POST error results:

XMLHttpRequest cannot load https://api.stormpath.com/v1/applications/[APP_HREF]/login. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8080' is therefore not allowed access. The response had HTTP status code 401.

In my server.js file, I have put the following:

var express = require('express');
var stormpath = require('express-stormpath'); 
var cors = require('cors');

var app = express();

app.use(stormpath.init(app, {

  apiKey: {
    id: 'xyz',
    secret: 'abc'  // Using the unsafe inline option for example purposes
  },
  application: {
    href: `[APP_HREF]`
  },
  web: {
    produces: ['application/json']
  },
  debug: 'info'
}));

app.use(cors({
  origin: 'http://localhost:8080',
  credentials: true
}));

app.post('/', stormpath.loginRequired, function (req, res) {
  function writeError(message) {
    res.status(400);
    res.json({ message: message, status: 400 });
    res.end();
  }



});

app.on('stormpath.ready', function () {
  var server = app.listen(process.env.PORT, function() {
    try {
      process.send('CONNECTED');
    } catch(e) {}
  });
});

In my login.jsx file, I have included:

login: function(e) {
      e.preventDefault();
      e.stopPropagation();


      this.serverRequest = $.post('https://api.stormpath.com/v1/applications/[APP_HREF]/login', 
        { 
        "username": document.getElementById("email").value,
        "password": document.getElementById("pass").value
        }, function (result) {
        console.log(result);

      });

I also have saved my stormpath.yml file.

I'm not using React-Stormpath because I already created my views for Login and Registering. It looks like I only need to access the REST api with Stormpath, but I'm not sure what I need to add in order to get the API key validated.

On the actual login.jsx file, would I have to send the ID:SECRET pair as well as part of the POST request?

回答1:

I see that in your login.jsx you are trying to post directly to the Stormpath REST API, but unfortunately that isn't possible yet. Instead you will make the post to your Express server, and in turn it will communicate with Stormpath.

You already have express-stormpath in your Express server, so you just need to post your login form to /login and Stormpath will take care of the rest :)

Let us know if you run into any issues! FYI, we will be adding a "serverless" feature soon, you can follow that here: http://ideas.stormpath.com/ideas/IAM-I-59