How to pass a token within the message body in a GET method (Restangular)?

Question

I am learning and starting now working with Restangular and AngularJS. Therefore the question may seem simple:

I need to send a token, within the GET message and do not appear in the URL.

Ex: http://www.example.com/patients

I need to pass

{"token": 1}

But I do not want to appear like this: http://example.com/patients?token=1 or something like that.

Works testing with CURL, with the following command:

curl -i -X GET -d '{"token": 1}' http://example.com/patients; echo

My source code:

RestangularProvider.setBaseUrl('http://example.com');

Restangular.all('patients').getList().then(function(records)
     {
       ....
     }

Does anyone know what needs to be done?

Did you think about adding a cookie ? That's what we do here : We have a service who provides tokens that needs to be send to services in order to authenticate the user. Tokens are received and sent has cookies — Christ-OFF, Jan 16 '15 at 14:43

score 0 · Answer 1 · answered Jan 16 '15 at 13:23

0

You should configure your RestangularProvider to respond on POST, for example:

Restangular.all('patients').getList().post("patients", $scope.patients).then(function(records)
 {
   ....
 }

Then the curl testing should be:

curl -i -X POST -d '{"token": 1}' http://example.com/patients; echo

answered Jan 16 '15 at 13:23

MarcoS

Something like this? ' Restangular.all('patients').getList().post("patients", $scope.patients).then(function(records) { $scope.patients = records; console.log("All ok Patients"); }, function(response) { console.log("Error Patients ", response.status); }); ' – sigmundojr Jan 16 '15 at 13:43
Sorry, it doesn't work. Look the error `OPTIONS http://example.compatients 400 (Bad Request) (anonymous function) s Td.$get.f De.l.promise.then.J De.l.promise.then.J (anonymous function) Yd.$get.h.$eval Yd.$get.h.$digest Yd.$get.h.$apply m w B.onreadystatechange XMLHttpRequest cannot load http://example.com/patients. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:63342' is therefore not allowed access. The response had HTTP status code 400.` – sigmundojr Jan 16 '15 at 14:03
It is. I replaced our domain to 'http://exemplo.com'.... to not show ... but the problem is the XMLHttpRequest (I think)... but I have no idea that "how to make it work"... Tks MarcosS – sigmundojr Jan 16 '15 at 14:13
With XMLHttpRequest you can't make requests to a different domain than your page is on (which is what that message means). See http://stackoverflow.com/questions/20035101/no-access-control-allow-origin-header-is-present-on-the-requested-resource. Please be sure your client and your server are on the *very* same domain (included port, for example...). – MarcoS Jan 16 '15 at 14:48

1 Answers1