Authentication problem

[Alejandro Paciotti]

I’m developing an app with a api for serve data previous authentication.

This app is in a server (port:3000) and the application is in another server (8080)

The route that validates users on the server by post is:

 

app.post('/API/login',  passport.authenticate('local',{session: true}),

function(req, res) {

res.json({uncodigocualquiera: '24521046'});

});

 

And the route that serves the data is:

app.get('/API/datos/:uncodigo', auth, function(req, res){

codigocliente = req.params.uncodigo;

/*

...

...  go to the database…

...

*/

res.json(rsDatosClientes); 

}

 

Here is the code that validate whether the user is authenticated

var auth = function(req, res, next){

          if (!req.isAuthenticated())

                res.send(401);

          else

                next();

        };

And, if I write in the browser: http://localhost:3000/api/login?username=admin&password=admin

 

I receipt correctly:

{ "uncodigocualquiera": "24521046" }

 

And then,                 if I write in the browser:

 

http://localhost:3000/api/datos/29427604

 

also receive a json perfectly.

 

In the client side, with Angular, or from another domain, this work fine:

 

var datos = {'username':'admin', 'password':'admin'};

var futureResponse = $http.post('http://localhost:3000/API/login', datos)

 

futureResponse.success(function (data, status, headers, config) {

$scope.uncodigocualquiera = data.uncodigocualquiera;

});

 

futureResponse.error(function (data, status, headers, config) {

throw new Error('Something went wrong...');

});

 

But with Angular, from another domain, even if I have already identified, I want to access the path that serves customer data and gives me error 401:

 

var futureResponse = $http.get('http://localhost:3000/API/datos/' + $scope.codigocliente);

futureResponse.success(function (data, status, headers, config) {

$scope.razonsocial = data.razonsocial;

});

 

futureResponse.error(function (data, status, headers, config) {

throw new Error('Something went wrong...'); 

}); 

 

 

 

Someone could explain me what I'm doing wrong?

 

PD: Sorry for my English, I know it's not very good.

Alejandro...@gmail.com

[greelgorke]

you have to define put the authenticate middleware of passport before your router, so it validates the session token. look here http://passportjs.org/guide/configure/ in the Middleware paragraph

[Alejandro Paciotti]

Hi, thanks for replying, but I have already defined the middleware of passport before routes:

passport.use(new LocalStrategy(

function(username, password, done) {

   if (username === "admin" && password === "admin") // stupid example

     return done(null, {name: "admin", onecodefortest: '24521046'});

   return done(null, false, { message: 'Nombre de usuario o contraseña incorrectos.' });

}

));

And in fact, it works very well when the GET and POST are required from the same domain. 

And from outside the domain also works very well with postman. 

It is only with Angle as a client that i have the problem.

Alejandro...@gmail.com

--
--
Job Board: http://jobs.nodejs.org/
Posting guidelines: https://github.com/joyent/node/wiki/Mailing-List-Posting-Guidelines
You received this message because you are subscribed to the Google
Groups "nodejs" group.
To post to this group, send email to nod...@googlegroups.com
To unsubscribe from this group, send email to
nodejs+un...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/nodejs?hl=en?hl=en

---
You received this message because you are subscribed to the Google Groups "nodejs" group.
To unsubscribe from this group and stop receiving emails from it, send an email to nodejs+un...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.