{"id":7520,"date":"2015-07-18T03:26:20","date_gmt":"2015-07-18T03:26:20","guid":{"rendered":"https:\/\/unknownerror.org\/index.php\/2015\/07\/18\/angularjs-satellizer-jwt-cors-issue-when-authenticated-open-source-projects-sahat-satellizer\/"},"modified":"2015-07-18T03:26:20","modified_gmt":"2015-07-18T03:26:20","slug":"angularjs-satellizer-jwt-cors-issue-when-authenticated-open-source-projects-sahat-satellizer","status":"publish","type":"post","link":"https:\/\/unknownerror.org\/index.php\/2015\/07\/18\/angularjs-satellizer-jwt-cors-issue-when-authenticated-open-source-projects-sahat-satellizer\/","title":{"rendered":"AngularJS Satellizer jwt CORS issue when authenticated-open source projects sahat\/satellizer"},"content":{"rendered":"

i’v got weird behaviour of my code. I’m using Satellizer to authenticate user and when user is not authenticated when i execute this code:<\/p>\n

$http.get('http:\/\/eune.api.pvp.net\/api\/lol\/eune\/v1.4\/summoner\/by-name\/somename?api_key=XXXXXXXXXXXXXXXXX')\n                    .success(function (data) {\n                        console.log(data);\n                    });\n<\/code><\/pre>\n
my request is ok and i get data<\/p>\n
headers:<\/p>\n
Accept:application\/json, text\/plain, *\/*\nAccept-Encoding:gzip, deflate, sdch\nAccept-Language:pl-PL,pl;q=0.8,en-US;q=0.6,en;q=0.4\nConnection:keep-alive\nHost:eune.api.pvp.net\nOrigin:http:\/\/localhost:9000\nReferer:http:\/\/localhost:9000\/\nUser-Agent:Mozilla\/5.0 (Windows NT 6.1; WOW64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/40.0.2214.93 Safari\/537.36\n<\/code><\/pre>\n
but when i authenticate user and try to do same request i get:<\/p>\n
XMLHttpRequest cannot load http:\/\/eune.api.pvp.net\/api\/lol\/eune\/v1.4\/summoner\/by-name\/somename?api_key=XXXXXXXXXXXX. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http:\/\/localhost:9000' is therefore not allowed access. The response had HTTP status code 401.\n<\/code><\/pre>\n
and headers of this request looks like:<\/p>\n
Accept:*\/*\nAccept-Encoding:gzip, deflate, sdch\nAccept-Language:pl-PL,pl;q=0.8,en-US;q=0.6,en;q=0.4\nAccess-Control-Request-Headers:accept, authorization\nAccess-Control-Request-Method:GET\nConnection:keep-alive\nHost:eune.api.pvp.net\nOrigin:http:\/\/localhost:9000\nReferer:http:\/\/localhost:9000\/\nUser-Agent:Mozilla\/5.0 (Windows NT 6.1; WOW64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/40.0.2214.93 Safari\/537.36\n<\/code><\/pre>\n
my app.config<\/p>\n
.config(function ($urlRouterProvider, $stateProvider, $httpProvider, $authProvider, API_URL) {\n\n            $urlRouterProvider.otherwise('\/');\n            ... some routes ...\n                    $authProvider.loginUrl = API_URL + 'login';\n                    $authProvider.signupUrl = API_URL + 'register';\n                    $authProvider.google({\n                        clientId: 'secret',\n                        url: API_URL + 'auth\/google'\n                    });\n                    $authProvider.facebook({\n                        clientId: 'secret',\n                        url: API_URL + 'auth\/facebook'\n                    });\n\/\/                    $httpProvider.interceptors.push('authInterceptor');\n        })\n<\/code><\/pre>\n
So how should i fix it? I suppose that those headers with Access-Control are the reason, but how should i handle it?<\/p>\n","protected":false},"excerpt":{"rendered":"
i’v got weird behaviour of my code. I’m using Satellizer to authenticate user and when user is not authenticated when i execute this code: $http.get(‘http:\/\/eune.api.pvp.net\/api\/lol\/eune\/v1.4\/summoner\/by-name\/somename?api_key=XXXXXXXXXXXXXXXXX’) .success(function (data) { console.log(data); }); my request is ok and i get data headers: Accept:application\/json, text\/plain, *\/* Accept-Encoding:gzip, deflate, sdch Accept-Language:pl-PL,pl;q=0.8,en-US;q=0.6,en;q=0.4 Connection:keep-alive Host:eune.api.pvp.net Origin:http:\/\/localhost:9000 Referer:http:\/\/localhost:9000\/ User-Agent:Mozilla\/5.0 (Windows NT 6.1; WOW64) […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-7520","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/unknownerror.org\/index.php\/wp-json\/wp\/v2\/posts\/7520","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/unknownerror.org\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/unknownerror.org\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/unknownerror.org\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/unknownerror.org\/index.php\/wp-json\/wp\/v2\/comments?post=7520"}],"version-history":[{"count":0,"href":"https:\/\/unknownerror.org\/index.php\/wp-json\/wp\/v2\/posts\/7520\/revisions"}],"wp:attachment":[{"href":"https:\/\/unknownerror.org\/index.php\/wp-json\/wp\/v2\/media?parent=7520"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/unknownerror.org\/index.php\/wp-json\/wp\/v2\/categories?post=7520"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/unknownerror.org\/index.php\/wp-json\/wp\/v2\/tags?post=7520"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}