我正在对一个纯客户端的CORS演示应用进行IP限制,该应用与经过身份验证的第三方API进行交互。我运行了一个“中间件”服务器,用它来代理从CORS应用程序发送到第三方API的请求,但是我在向这些代理请求中注入基本身份验证凭据时遇到了困难。
isAllowed = (req, res, next) -> # Do IP check here.
base64Encode = (unencoded) -> new Buffer(unencoded or '').toString 'base64'
app.all "/demoproxy/*", isAllowed, (req, res) ->
req.url = "/" + req.url.split("/").slice(2).join("/")
userPass = base64Encode "#{process.env.DEMO_USERNAME}:#{process.env.DEMO_PASSWORD}"
# This doesn't work.
# res.setHeader 'Authorization', "Basic #{userPass}"
# This doesn't work either.
###res.oldWriteHead = res.writeHead
res.writeHead = (statusCode, headers) ->
headers = { }
headers['Authorization'] = "Basic #{userPass}"
res.oldWriteHead statusCode, headers###
proxy = new httpProxy.HttpProxy
target:
host: 'remote-api.com'
port: 80
proxy.proxyRequest req, res
什么是正确的方法?