Pass access token in header instead of url loopback

Question

I am new to LoopBack. I have used it's default server authentication.

module.exports = function enableAuthentication(server) {
  // enable authentication
  server.enableAuth();
};

After this i am getting access token from login api.

Then i have to pass it in all service call url.

Is there any way/setting in loopback that allow us to pass it in http header instead of url in http request?

I am using angularjs. It is easy to set header for all service call using this $http.defaults.headers.common['Authorization'] = 'access_token'.

But if we have to pass it in url param then i have to write it in each service call.

Can anyone suggest a way to set access_token in url param for all requests from angular or loopback setting to allow it in http header.

Answer to duplicate : This question was related method(how to) pass token in header in http call from angular side.

Is this what you are looking for? https://stackoverflow.com/questions/30359463/how-do-i-use-the-access-token-in-loopback — titogeo, Sep 19 '17 at 14:50
Possible duplicate of [How do I use the access token in Loopback?](https://stackoverflow.com/questions/30359463/how-do-i-use-the-access-token-in-loopback) — Marek Urbanowicz, Sep 26 '17 at 14:20

score 2 · Accepted Answer · answered Sep 26 '17 at 18:22

2

Loopback allows you to use an Authorization header by default. See: https://loopback.io/doc/en/lb3/Making-authenticated-requests.html#making-authenticated-requests-with-access-tokens

answered Sep 26 '17 at 18:22

nVitius

2,024
15
21

1

You solved my problem. Only issue was that i was passing `headers['Authorization'] = 'Bearer '+Authtoken` in http request. Instead i had to pass `headers['Authorization'] = Authtoken` in heep requests. – Ankur Akvaliya Sep 27 '17 at 12:37

score 0 · Answer 2 · answered Sep 19 '17 at 14:52

0

You can have request Interceptor in your Angular Code, which will set Authorization token in the Header of every HTTP request.

Create a factory to inject Auth Token in the header.

module.factory('sessionInjector', function() {  
    var sessionInjector = {
        request: function(config) {
            config.headers['Authorization'] = 'Bearer '+Authtoken;
            return config;
        }
    };
    return sessionInjector;
}]);

Use config to push sessionInjector to your Angular $HTTPProvider, so that it intercepts every HTTP request and injects auth token to it.

module.config(['$httpProvider', function($httpProvider) {  
    $httpProvider.interceptors.push('sessionInjector');
}]);

Read this example to know how can you use http interceptors to inject Auth token and other useful things to your HTTP Requests.

answered Sep 19 '17 at 14:52

Ravi Shankar Bharti

8,922
5
28
52

if i use `config.headers['Authorization'] = 'Bearer '+Authtoken;`, it's not working with loopback. how can i add query param from interceptor? – Ankur Akvaliya Sep 19 '17 at 15:37
what kind of query parameter you want to addd? – Ravi Shankar Bharti Sep 20 '17 at 11:28
I want to add access_token. – Ankur Akvaliya Sep 20 '17 at 14:53
1

Any specific reason to send access_token as a query parameter? – geek_guy Sep 20 '17 at 16:02
Loopback authenticates requests using it. – Ankur Akvaliya Sep 26 '17 at 15:12

Pass access token in header instead of url loopback

2 Answers2