Menu
I have web application that uses Angular7 in client side and CakePHP in Api
I was using Basic Authentication then I replace it with Token Authentication all request work fine, except one which works fine only in Postman but in browser it's weird because it seems that there is issue with authentication but couldn't know the reason.
The request should return a blob to download the file, so I use FPDI in CakePHP to return pdf
Here is request in postman
Postman Header
Date →Wed, 15 May 2019 12:02:44 GMT
Server →Apache/2.4.33 (Win32) OpenSSL/1.0.2n PHP/5.6.35
X-Powered-By →PHP/5.6.35
Content-Disposition →inline; filename="doc.pdf"
Cache-Control →private, max-age=0, must-revalidate
Pragma →public
Access-Control-Allow-Origin →*
Keep-Alive →timeout=5, max=100
Connection →Keep-Alive
Transfer-Encoding →chunked
Content-Type →application/pdf
Postman Body
Request on Chrome
Working request using Basic Auth
using FireFox
Call request
getWorkListPdf(id: number, cem_id?: number) {
let uri = `${this.workSessionsUrl}workList/${id}`;
let params = new HttpParams();
if (cem_id) {
params = params.set('cemetery_id', cem_id.toString());
}
const Auth = localStorage.getItem("AuthenticationToken");
let header = new HttpHeaders();
header = header.append("AuthenticationToken", Auth);
return this.dataService.get(uri,{ headers: header, params: params, responseType: 'arraybuffer' })
.pipe(
map(res => {
return res;
}
)
);
}
Any help is much appreciated!
995
Your API is not configured for cross origin requests. You need to configure your server to allow these requests. This will allow your API to receive requests from any origin, however can be a major security issue. Configuring your API to accept requests only from specific origins fixes this issue.
Postman already supports this. You can open the link in a browser by holding the command key (in Mac) or Ctrl (Windows/Linux) and clicking on the link. thank you so much for enlightening this for me.
Making GET Requests with Postman To see all of the users that are currently in the database, make a GET request to localhost:4000/users . To do this, you should: Make sure the dropdown is set to GET. Enter the URL localhost:4000/users in the textbox that says “Enter request URL”.
If I fully understand you want to authenticate with a bearer token instead of basic authorization. In case you want basic, you can use the following headers in your request:
const httpOptions = {
headers: new HttpHeaders({
'Content-Type': 'application/json',
'Authorization': 'Basic ' + btoa('username:password')
})
};
In case of bearer authorization, you can do the following:
const httpOptions = {
headers: new HttpHeaders({
'Content-Type': 'application/json',
'Authorization': 'Bearer ' + JSON.parse(your token)
})
};
Hope it helps!
76
The issue was that Api can't identify that the request which contains the required header info for Authentication, I added Authentication array in AppController to allow using both Basic Auth and Token Auth when receiving json request, this work fine for all requests except for this one ( Download pdf )
I've tried to add
$this->Auth->authenticate['Token'] = array(
'fields' => array(
),
// 'parameter' => '_token',
'header' => 'AuthenticationToken',
'scope' => array(
'User.permission_api_login' => true
)
);
again in Controller and it works fine!!. it seems that it can identify the Token now and return a valid file!
22
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With