Reputation: 929
Loopback - Angular2 adding accessToken to requests
I'm trying to send all queries from frontend to loopback with an access token. I'm using loopback sdk builder for angular2.
After user logins, loopback returns an access token. I use the function above to append that access token to request headers
LoopBackConfig.setAuthPrefix(this.user.accessToken);
After that, all requests' headers have a property like that:
authorization: Wl3P7ysrfu1tq2gcljezdZRDHH...
I have added "loopback#token": {} to "initial:before": in middleware.json
However, still req.accessToken is null. Am I doing something wrong?
And I have one more question. Should access token be in the header? In loopback documents access token is in query parameters. Is there any way to add access token to services created by loopback sdk builder by default?
Upvotes: 0
Views: 589
Answers (1)
Reputation: 929
Adding this line solved the problem I think.
app.use(loopback.token());
Now, AccessToken.findForRequest is called by for each request. And if there is an access token in headers, in cookies or in the url, req.accessToken is created.
In the frontend, I use LoopBackConfig.setAuthPrefix function to put access token into header. For EventSource requests, (since it does not have an api to set header of the request) I add access token to url.
let source = new EventSource("/route/event?access_token=" + self.auth.getToken().id);
https should be used to avoid security leaks if you send access_token by these methods.
Upvotes: 1
Related Questions
- Loopback 4 authorization provider not working
- How to configure loopback to use access_token in the header
- Loopback Error 401 (Unauthorized) while accessing APIs
- Loopback 4 authentication using a db
- Creating Permanent AccessToken in loopback
- loopback x3 get accesstoken in a remote model
- Pass access token in header instead of url loopback
- Angular2-Token not sending headers
- Loopback 401 error when trying to update
- Loopback angular 401 Authorization Required