我正在从客户端向节点/快捷应用程序中的路由发出GET请求,也许我遗漏了一些非常明显的信息,但我的应用程序位于路径localhost:5000上,而没有转到localhost:5000 / adminPortal,按照/ adminPortal GET路由中的express res.render()渲染视图。 我已经坚持了三天,我敢肯定这很明显...也许XML http请求不是正确的方法?我需要使用什么来将标题(授权)传递到明确的路由,以使其链接并呈现视图? 这是客户端代码:
firebase.auth().onAuthStateChanged(function(user) {
console.log("Auth state changed");
//console.log("verified: " + user.emailVerified);
if(user){
firebase.auth().currentUser.getIdToken().then(function(token){
console.log('Sending request to with ID token in Authorization header.');
var req = new XMLHttpRequest();
req.open('GET','/adminPortal',true);
req.setRequestHeader('Authorization','Bearer ' + token);
req.responseType = "document";
req.send();
}).catch(function(error){
console.log("error:" + error);
});
}
在我的服务器端转到哪条路由(通过中间件之后):
router.get('/',isLoggedInAsUser,(req,res) => {
let usersRef = db.collection('Users');
var ownPolls = [];
var allUsers = [];
let firebaseUsers = usersRef.get()
.then(snapshot => {
snapshot.forEach(user => {
console.log(user.id,'=>',user.data());
allUsers.push(user.data());
});
console.log("test");
res.render('adminPortal/index',{allUsers: allUsers});
return null;
})
.catch(err => {
console.log('Error getting documents',err);
});
});
这里是中间件,它检查我在XMLHTTPrequest()中传递的标头中的令牌:
//Check if request is from User account
isLoggedInAsUser: async function(req,res,next){
if (req.headers.authorization && req.headers.authorization.startsWith('Bearer ')) {
console.log('Found "Authorization" header');
// Read the ID Token from the Authorization header.
idToken = req.headers.authorization.split('Bearer ')[1];
try {
const decodedToken = await admin.auth().verifyIdToken(idToken);
if(decodedToken){
req.body.uid = decodedToken.uid;
console.log("The decoded token: "+ decodedToken.uid);
next();
} else{
return res.status(401).send("You are not autheeeroized");
}
} catch (e){
return res.status(401).send("You are not authroized" + e);
}
}