1

I'm trying https://jsreport.net/learn/authentication:

....
  "extensions": {
    "authentication": {
      "cookieSession": {
        "secret": "<your strong secret here>"
      },
      "admin": {
        "username": "admin",
        "password": "password"
      },
      "enabled": true
    },
......

I've also read the following:

You need to add the header to every request when is this extension enabled.

Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==

Where the hash is based on username and password: base64(username:password)

I tried using both QWxhZGRpbjpvcGVuIHNlc2FtZQ== and using https://www.motobit.com/util/base64-decoder-encoder.asp to encode: admin:password resulting: YWRtaW46cGFzc3dvcmQ=. Which when tried both of them doesn't seem to enable me to access my API.

(note that key in the following was either of the above I've tried)

I've tried placing on front-end call to jsreport API: return this.http.post(this.hosturl, parameter, { headers: 'Content-Type': 'application/json', 'Authorization': 'Basic ' + this.key }, responseType: 'blob' });

I've also tried placing on the back-end to call jsreport API: 

 var data = {
        headers: {
            "Authorization" : "Basic key" 
        },
        template: { "shortid": shortid },
        options: {
            preview: preview
        }
    }

Any idea why it always returns unauthorized on front-end(angular) and prompting login on the back-end (express)?

PS: on backend-API prompt of username: admin and password: password doesn't work for some reason.

I only managed to log-in from the jsreport studio using the username:admin and password:password.

Any idea is appreciated.

Shinjo
  • 677
  • 6
  • 22

1 Answers1

0

The reason for it always returns unauthorized on front-end(angular) and prompting login on the back-end (express) was mistaken implementation.

How I managed to resolve it:

For front-end:

variable declaration after constructor(){}:

key = 'YWRtaW46cGFzc3dvcmQ='; header = { 'Content-Type': 'application/json', 'Authorization': 'Basic ' + this.key };

On service call:

return this.http.post(this.hosturl, parameter, { headers: this.header, responseType: 'blob' });

For back-end:

var options = {
        uri: 'http://localhost:5488/api/report',
        auth: { user: 'admin', password: 'password'}, 
        method: 'POST',
        json: data
    }
Shinjo
  • 677
  • 6
  • 22
  • In fact, when I was testing on production code my interceptor was intercepting all auth request which return failure. When using [this answer](https://stackoverflow.com/a/49013534/11328122) I was able to ignore the interceptor for this certain request. – Shinjo Jul 23 '19 at 08:07