search

witoldsz / angular-http-auth

MIT License
2.37k stars 416 forks source link

doesn't seem to use the config for the next requests #108

Closed jarnix closed 8 years ago

jarnix commented 9 years ago

Hello,

I'm trying this code with angular 1.4. The interceptor handles the 401/403 well but seems to add the headers (within the config object) only for the blocked requests, and not for the next ones. The defaults for $http provider are not set.

Am I wrong/tired ?

witoldsz commented 9 years ago

What kind of headers? Can you provide a code sample?

jarnix commented 9 years ago

Hello,

My app uses an API and the authorization is an additional header, I hade to modify the code to add the addtional header :

In my login controller, upon a successful login :

 AuthInterceptorService.loginConfirmed('success', function(config) {
                            config.headers["X-Authorization"] = xAuthorization;
                            return config;
                        }, xAuthorization);

And then in the code of angular-http-auth :

loginConfirmed : function(data, configUpdater, xAuthorization) {
                var updater = configUpdater || function(config) {
                    return config;
                };
                $http.defaults.headers.common['X-Authorization'] = xAuthorization;
                $rootScope.$broadcast('event:auth-loginConfirmed', data);
                HttpBuffer.retryAll(updater);
            },

The diff is in this line :

$http.defaults.headers.common['X-Authorization'] = xAuthorization;

I mean that the config doesn't seem to be propagated to the requests that are not yet in the buffer. I read in the doc of Angular that I could also add a "request" function like the one in your code :

$httpProvider.interceptors.push([ '$rootScope', '$q', 'HttpBuffer', function($rootScope, $q, HttpBuffer) {
            return {
                responseError: ...
                request : ...

but I did not have time yet to implement this change.

Basically, your code is okay with a session cookie (because it's sent with every request obviously) but in this app I'm using an api with an auth header. The config should be propagated though, I think. I will try to implement this, give a code sample and create a merge request today.

witoldsz commented 9 years ago

You have changed this module to suit your specific needs. In your application it might be OK, but in hundreds of other apps currently running this module - it might not be desired behavior.

Maybe it would be better to let your requirement happen in another interceptor?

ghost commented 9 years ago

Hi,

im using http-auth with token too. Heres my implementation for adding the token into the header:

angular.module('app.common.identity').factory('authHttpInterceptor', function ($rootScope, identityService) {
    "use strict";
    return {
        'request': function (config) {
            config.headers = config.headers || {};

            var tmpCurrentUser = identityService.getCurrentUser();
            if (tmpCurrentUser) {
                config.headers.Authorization = 'Bearer ' + tmpCurrentUser.token;
            }
            return config;
        }
    };
});