0
Everybody, Good afternoon.
I need some help. My backend was written in nodejs and this one on IIS. My frontend is in angular and it’s still on my machine being debugged. My login page is working as expected, connecting smoothly. But when the application sends the request to the backend it is possible to get the username and password both via browser and using wireshark. How can I hide this information? Example: when we use the browser login box for this type of authentication, it does not leave visible login and password information.
my code:
login(username: string, password: string): Observable<User> {
const body = { username: username, password: password };
const headers = new HttpHeaders();
headers.append("Authorization", "Basic " + btoa("username:password"));
headers.append("Content-Type", "application/x-www-form-urlencoded");
return this.http
.post<User>(`${BASE_URL}/sign-in`, body, { headers: headers })
.do(user => (this.user = user));
}
This happens because you nay is using SSL on your website.
– Valdeir Psr