douxunwei8259 2017-06-26 10:37
浏览 71
已采纳

验证登录PHP和Angular

Sorry for php newbie question. I have authentication.service.js in my application, where I encode user's password and send it to the web api (which is php using lumen framework). I have do it like this:

function Login(credentials, callback) {debugger;
   $http.post('http://localhost/credentials/' + credentials, {cache: false})
    .then(function (response) {
        callback(response.data);
    });
}

so actually it looks like: http://localhost/credentials/somesecretpassword

How should I work with it from php side? Currently I have call this: $app->post('/credentials/{password}', 'AdminController@getCredentials'); But I'm not sure how it should work!, how do I check if password exists! Is it possible to do it that way or I shouldn't return credentials like this??

Thanks

  • 写回答

1条回答 默认 最新

  • douxianliu6756 2017-06-26 10:49
    关注

    First of all, you should never send credentials in the URL (query string) because any proxy servers or cache servers might store the URL.

    If you want to, you should change it to $http.post('http://localhost/credentials?credentials=' + credentials, {cache: false})

    And then get it out in php with $_GET['credentials'];...

    What you should do

    Send the credentials with post: $http.post('http://localhost/credentials', {credentials: credentials}, {cache: false});

    and in PHP:

    $data = json_decode(file_get_contents('php://input'), true);
$credentials = $data['credentials'];

    Good luck!

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥15 uniapp uview http 如何实现统一的请求异常信息提示?
  • ¥15 有了解d3和topogram.js库的吗?有偿请教
  • ¥100 任意维数的K均值聚类
  • ¥15 stamps做sbas-insar,时序沉降图怎么画
  • ¥15 买了个传感器,根据商家发的代码和步骤使用但是代码报错了不会改,有没有人可以看看
  • ¥15 关于#Java#的问题,如何解决?
  • ¥15 加热介质是液体,换热器壳侧导热系数和总的导热系数怎么算
  • ¥100 嵌入式系统基于PIC16F882和热敏电阻的数字温度计
  • ¥15 cmd cl 0x000007b
  • ¥20 BAPI_PR_CHANGE how to add account assignment information for service line