node.js - 无法在 set-cookie 中获取数据
问题描述
对于身份验证,我Set-cookie在 Angular 应用程序的标头中发送刷新令牌和其他数据,以便在访问令牌到期时自动重新加载我的应用程序。但是,应用程序无法访问Set-Cookie.
public post(path: string, body: any) {
return this.http.post(environment.apiurl + path, body, {
headers: { "authorization": this.token.get().toString() },
observe: "response",
withCredentials: true
});
}
signin(email: string, password: string): Observable<any> {
return this.http.post('signin', {
email: email,
password: password
})
.pipe(
map(res => {
let u = res.headers.get('u');
let m = res.headers.get('m');
let l = res.headers.get('l');
let uml = u.concat('.', m, '.', l);
let bearerToken = 'Bearer'.concat(' ', uml);
this.token.set('access-token', bearerToken);
this.userSubject.next({ jwtToken: uml });
this.startRefreshTokenTimer();
}),
catchError(err => {
this.toast.showError('Error', err.error)
return throwError(err);
})
);
}
在 NodeJ 方面:
const generateTokens = async (
id: string,
res: Response
): Promise<Response<any>> => {
const tokens = await grantTokens('adminToken', { id });
const partsOfJwt: string[] = tokens.jwt.split('.'); // split jwt in 3 parts
res.setHeader('U', `${partsOfJwt[0]}`);
res.setHeader('M', `${partsOfJwt[1]}`);
res.setHeader('L', `${partsOfJwt[2]}`);
res.setHeader('access-control-expose-headers', ['U', 'M', 'L']);
// set refresh token as a signed httpOnly cookie
res.cookie('rt', tokens.rt, {
httpOnly: true,
signed: true
});
return new SuccessResponse(
SuccessStatusCode['204_NO_CONTENT'],
'',
null
).json(res);
};
问题是 Angular 即使在登录后也无法获取数据Set-cookie。任何人都可以帮助解决这个问题吗?