douxunwei8259 2017-06-26 10:37
浏览 71
已采纳

验证登录PHP和Angular

Sorry for php newbie question. I have authentication.service.js in my application, where I encode user's password and send it to the web api (which is php using lumen framework). I have do it like this:

function Login(credentials, callback) {debugger;
   $http.post('http://localhost/credentials/' + credentials, {cache: false})
    .then(function (response) {
        callback(response.data);
    });
}

so actually it looks like: http://localhost/credentials/somesecretpassword

How should I work with it from php side? Currently I have call this: $app->post('/credentials/{password}', 'AdminController@getCredentials'); But I'm not sure how it should work!, how do I check if password exists! Is it possible to do it that way or I shouldn't return credentials like this??

Thanks

  • 写回答

1条回答 默认 最新

  • douxianliu6756 2017-06-26 10:49
    关注

    First of all, you should never send credentials in the URL (query string) because any proxy servers or cache servers might store the URL.

    If you want to, you should change it to $http.post('http://localhost/credentials?credentials=' + credentials, {cache: false})

    And then get it out in php with $_GET['credentials'];...

    What you should do

    Send the credentials with post: $http.post('http://localhost/credentials', {credentials: credentials}, {cache: false});

    and in PHP:

    $data = json_decode(file_get_contents('php://input'), true);
$credentials = $data['credentials'];

    Good luck!

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥15 删除虚拟显示器驱动 删除所有 Xorg 配置文件 删除显示器缓存文件 重启系统 可是依旧无法退出虚拟显示器
  • ¥15 vscode程序一直报同样的错,如何解决?
  • ¥15 关于使用unity中遇到的问题
  • ¥15 开放世界如何写线性关卡的用例(类似原神)
  • ¥15 关于并联谐振电磁感应加热
  • ¥60 请查询全国几个煤炭大省近十年的煤炭铁路及公路的货物周转量
  • ¥15 请帮我看看我这道c语言题到底漏了哪种情况吧!
  • ¥66 如何制作支付宝扫码跳转到发红包界面
  • ¥15 pnpm 下载element-plus
  • ¥15 解决编写PyDracula时遇到的问题