4

我想在 node.js 中使用需要用户名/密码身份验证的 REST api。使用api的代码如下:

var request = require('request');

var url = 'http://localhost:3000/api/v1/login/'

request.get(url,{'auth': {'user': 'test35','pass': 'mypassword','sendImmediately': false}},function(err, httpResponse, body) {
  if (err) {
    return console.error('post failed:', err);
  }

  console.log('Post successful!  Server responded with:', body);
});

使用上面的代码,我得到的错误是:

{
  "status": "error",
  "message": "API endpoint does not exist"
}

该api是用meteor restivus编写的,您可以在下面的问题答案中看到它

在API中,当我移除api的authRequired: true,即移除

{
        routeOptions: {
            authRequired: true
        }
  }

并在使用上述API 的代码中,将 url 从

' http://localhost:3000/api/v1/login/

至:

http://localhost:3000/api/v1/articles/

并运行“node accessRESTapi.js”,我可以使用 REST api!当“authRequired:true”按上述设置时,我无法正确执行的身份验证!请帮忙

4

1 回答 1

2

编辑:根据评论信息更新

登录获取令牌和后续请求的请求风格截然不同:

登录

文档指定登录操作必须使用包含or 和作为 url 编码参数的正文的请求来POST完成/api/login/usernameemailpassword

var request = require('request');

var url = 'http://localhost:3000/api/v1/login/'
var user = 'test35';
var pass = 'mypassword';

// Save these for future requests
var userId;
var authToken;

// Use POST instead of GET
request.post(
  {
    uri: url,
    // I'm using form because it matches the urlEncoding behaviour expected by `restivus`
    form: { username: user, password: pass }
  },
  function(err, httpResponse, body) {
    if (err) {
      return console.error('post failed:', err);
    }
    var json = JSON.parse(body);
    authToken = json.data.authToken;
    userId = json.data.userId;
    console.log('Post successful!  Server responded with:', body);
  }
);

对于未来的请求

现在您需要使用先前保存的设置正确的标题userIdauthToken

根据文档,这意味着所有后续请求X-User-Id的标头X-Auth-Token

var request = require('request');

var url = 'http://localhost:3000/api/v1/articles/'

request.get({
  uri: url, 
  headers: {
    'X-User-Id': userId,
    'X-Auth-Token': authToken
  }
}, function(err, httpResponse, body) {
  if (err) {
    return console.error('get failed:', err);
  }

  console.log('Get successful!  Server responded with:', body);
});

把它放在一起:

我们希望确保authToken在提出任何进一步请求之前获得该信息。

这意味着在第一个函数的回调中发出第二个请求,如下所示:

var request = require('request');

var url = 'http://localhost:3000/api/v1/login/';
var user = 'test35';
var pass = 'mypassword';

// Save these for future requests
var userId;
var authToken;

// Use POST instead of GET
request.post(
  {
    uri: url,
    // I'm using form because it matches the urlEncoding behaviour expected by `restivus`
    form: { username: user, password: pass }
  },
  function(err, httpResponse, body) {
    if (err) {
      return console.error('post failed:', err);
    }
    var json = JSON.parse(body);
    authToken = json.data.authToken;
    userId = json.data.userId;
    console.log('Post successful!  Server responded with:', body);

    // And now we make the second request
    // Welcome to callback hell
    var articlesUrl = 'http://localhost:3000/api/v1/articles/';

    request.get({
      uri: articlesUrl, 
      headers: {
        'X-User-Id': userId,
        'X-Auth-Token': authToken
      }
    }, function(err, httpResponse, body) {
      if (err) {
        return console.error('post failed:', err);
      }

      console.log('Get successful!  Server responded with:', body);
    });
  }
);
于 2018-07-16T03:36:45.287 回答