search

ralscha / blog

Source code for my blog
https://golb.hplar.ch/
MIT License
222 stars 246 forks source link

/secret and /authenticate routes returning 403 #11

Closed iranicus closed 6 years ago

iranicus commented 6 years ago

So currently having api issues with the /secret and /authenticate routes where I get a Access Denied 403 response on both possibly indicating the JWT might not be passed in the header as I have inspected the requests in Chrome and can't seem to find the JWT anywhere in the headers. For the /secret route issue I simply log in and get the 403 response, as for the /authenticate I simply restart the application after prior logging in and get the 403 response when this is called.

/secret details: secretissue

/authenticate details: authenticateissue

It's probably something specific that I'm missing, or perhaps a dependency version issue since it seems like a front end problem.

ralscha commented 6 years ago

Hi Have you whitelisted localhost:8080 in app.modules.ts

export function jwtOptionsFactory(storage: Storage) {
  return {
    tokenGetter: () => storage.get('jwt_token'),
    whitelistedDomains: ['localhost:8080']
  }
}

https://github.com/ralscha/blog/blob/master/jwt/client/src/app/app.module.ts#L16-L21

iranicus commented 6 years ago

Hey's so I had a look and my spelling of the property whitelistedDomains was incorrect, instead I had whitelistDomains which I now replaced with the correct property name and it now works. Thanks for indicating this.