Use token to access a platform

Asked

Viewed 122 times

2

I have a web application and am accessing through an APP this way:

.controller('LoginCtrl', function($scope, $ionicPopup, $state, $http) {
    $scope.data = {};

    $scope.login = function() {
        $http.post('http://localhost:3000/login', $scope.data.session_email, $scope.data.session_password).success(function(data) {
            $state.go('improvements');
        }).error(function(data) {
            var alertPopup = $ionicPopup.alert({
                title: 'Login failed!',
                template: 'User/Password is Wrong'
            });
        });
    }
});

but I’m getting the following error:

NoMethodError (undefined method `[]' for nil:NilClass):
  app/controllers/sessions_controller.rb:9:in `create'

My controller:

def create
    user = User.find_by(email: params[:session][:email].downcase)
    if user && user.authenticate(params[:session][:password]) && user.permission == true
      params[:session][:remember_me] == '1' ? remember(user) : forget(user)
      remember user
      redirect_to user
    elsif user && user.permission == false
      flash.now[:notpermission] = "You do not have a permission"
      render "new"
    else
      flash.now[:error] = "Invalid password or email"
      render "new"
    end
  end

I know I need the token to access but I don’t know how to do it... someone can give me a light ?

  • in Which module you are adding this controller, this module was injected into the application ??

  • I forgot to mention this controller at the bottom in case it is the web application I want to access and the controller at the top is the APP

  • Look, it’s hard to say but in its code lines the POST method is wrong, ( $http.post('http://localhost:3000/login', $Scope.data.session_email, $Scope.data.session_password)) you are passing 2 parameters and the post waits (URL, OBJECT) then either you call via GET and pass these two parameters in the URL, or pass a JSON OBJECT to the server

  • just exchange the get for the post ?

  • It worked with the get perfectly thank you.

  • I’ll add an answer for you to make official, @Archibald

Show 1 more comment

2 answers

2

It may be necessary to authorize the service $http to use cookies (which is probably where the authentication preserves the bearer token). Add the following snippet to the startup:

.config(function ($httpProvider) {
    $httpProvider.defaults.withCredentials = true;
});

Or, alternatively, specify in the call:

$http.get('url', { withCredentials: true})
  • this way I get the error Xmlhttprequest cannot load http://localhost:3000/login. A wildcard '*' cannot be used in the 'Access-Control-Allow-Origin' header when the credentials flag is true. Origin 'http://192.168. 1.36:8100' is therefore not allowed access.

  • @Rchibald the two are really incompatible. Or you use asterisk to determine that any URL can request this endpoint via XHR, OR allows you to pass cookies on the request. If you do not have external calls, remove the asterisk. If you do, list the domains that use it one by one.

1


you are using the POST method the wrong way,

$http.post('http://localhost:3000/login', $scope.data.session_email, $scope.data.session_password)

when you inform that it is a post, you can use 2 parameters, 'URL' and 'OJETO', the way you are using you are passing 3 parameters, the easiest way would be to switch to GET your request and pass the parameters through the 'url', or create an OBJECT and pass the two parameters. $Scope.data.session_email, $Scope.data.session_password,

as properties of that object.

  • It worked perfectly using get. The log-in is done successfully, but when accessing the platform data already logged through the app it returns me the home page.. it seems that is not persisting to Session, how can I solve this ?

Browser other questions tagged

You are not signed in. Login or sign up in order to post.