I am trying to re-write emberJS app from 2.8 to 3.21, anyway ... I have implemented ember-simple-auth, i am running api (sailsjs) app on my machine as well as my emberJS machine. Everything worked until i felt i need to see a page with staging data from staging server which is hosted on aws server. Then problems occured. When i call f.e. /users to aws api i get:
router.js:1212 Error while processing route: dash-board.admins Ember Data Request GET http://xxx/users returned a 403
Payload (text/html; charset=utf-8)
You are not permitted to perform this action. Error: Ember Data Request GET http://xxx/users returned a 403
Payload (text/html; charset=utf-8)
You are not permitted to perform this action.
at ErrorClass.AdapterError (http://localhost:4200/assets/vendor.js:83508:29)
at new ErrorClass (http://localhost:4200/assets/vendor.js:83541:24)
at ApplicationAdapter.handleResponse (http://localhost:4200/assets/vendor.js:85431:18)
at ajaxError (http://localhost:4200/assets/vendor.js:85756:25)
at ajaxErrorHandler (http://localhost:4200/assets/vendor.js:85832:12)
at ApplicationAdapter.hash.error (http://localhost:4200/assets/vendor.js:85528:23)
at c (http://localhost:4200/assets/vendor.js:80494:28294)
at Object.fireWith [as rejectWith] (http://localhost:4200/assets/vendor.js:80494:29039)
at l (http://localhost:4200/assets/vendor.js:80494:79825)
at XMLHttpRequest.<anonymous> (http://localhost:4200/assets/vendor.js:80494:82254)
This doesn't happen on my local backand running on localhost:1337
//../authenticators/custom.js
import Base from 'ember-simple-auth/authenticators/base';
import jQuery from 'jquery';
import config from 'wash-app-dashboard3/config/environment';
import { inject as service } from '@ember/service';
jQuery.ajaxSetup({
crossDomain: true,
xhrFields: {
withCredentials: true
}
});
export default Base.extend({
session: service(),
...
authenticate(email, password) {
let data = {
email: email,
password: password
}
return Ember.RSVP.resolve(jQuery.ajax({
type: 'POST',
url: config.APP.apiURL + '/login',
data: data
}))
},
invalidate(data) {
..
}
});
I have tried to set contentSecurityPolicy for ENV in environment.
///.../adapters/application.js
import JSONAPIAdapter from '@ember-data/adapter/json-api';
import config from 'wash-app-dashboard3/config/environment';
export default class ApplicationAdapter extends JSONAPIAdapter {
namespace = 'v1/admin';
host = config.APP.apiURL;
headers = { 'Authorization': config.APP.apiKey };
ajax(url, method, hash = {}) {
if (config.APP.usingCors) {
hash.crossDomain = true;
if (config.APP.corsWithCreds) {
hash.xhrFields = { withCredentials: true };
}
}
return super.ajax(url, method, hash);
}
}
i am seeing in chrome console the Indicate whether to send a cookie in a cross-site request by specifying its SameSite attribute but i can't find anything useful about it with regards of ember js. Any hints would be highly appreciated.
Aucun commentaire:
Enregistrer un commentaire