问题
I am using a MEAN stack and trying to set up a basic authentication. The authentication works just fine. Process goes like this:
- Angular posts user details to "/login".
- Passport is doing the authentication and redirecting to either "/login/success" or "/login/failure"
Both routes return a different simple JSON depending on the result so either:
res.json({success:true,user:req.session.passport.user});
or
return res.json({success:false});
Now, when I console.log the result from Angular I get the right JSON. The problem is that in the config object I still see the user details in the config object (username and password) that were posted initially.
I am not sure if this is normal or not but I'd like to return just a simple JSON and no additional data back to the client.
This is what I'm getting in the client. You can see the username and password in the config object.
Here is a little bit more code:
Angular HTML Form
<form action="" ng-submit="submit()">
<div class="form-group">
<input ng-model="user.username" type="text" name="user" class="form-control" placeholder="Username">
</div>
<div class="form-group">
<input ng-model="user.password" type="password" name="pass" class="form-control" placeholder="Password">
</div>
<button type="submit" class="btn btn-default">Login</button>
</form>
Angular controller:
$scope.submit = function() {
$http.post("/login", $scope.user).then(function(data) {
console.log(data);
});
}
Node routes
app.post('/login', passport.authenticate('local', {
successRedirect: '/login/success',
failureRedirect: '/login/failure'
}));
app.get('/login/success', function(req, res, next){
console.log("Authentication successful");
res.json({success:true,user:req.session.passport.user});
});
app.get('/login/failure', function(req, res){
console.log("Authentication failed");
res.json({success:false});
});
来源:https://stackoverflow.com/questions/24449293/node-http-response-returning-user-password-to-angular