修改代理请求的标头

Question

我是IP限制纯客户端CORs演示应用程序，它与经过身份验证的第三方API交互。我有一个“中间件”服务器运行，我用它来代理从CORs应用程序到第三方API的请求，但我无法将基本身份验证凭据注入这些代理请求。

isAllowed = (req, res, next) -> # Do IP check here.

base64Encode = (unencoded) -> new Buffer(unencoded or '').toString 'base64'

app.all "/demoproxy/*", isAllowed, (req, res) ->

  req.url = "/" + req.url.split("/").slice(2).join("/")

  userPass = base64Encode "#{process.env.DEMO_USERNAME}:#{process.env.DEMO_PASSWORD}"

   # This doesn't work.
   # res.setHeader 'Authorization',  "Basic #{userPass}"

   # This doesn't work either.
   ###res.oldWriteHead = res.writeHead

   res.writeHead = (statusCode, headers) ->

     headers = { }
     headers['Authorization'] = "Basic #{userPass}"
     res.oldWriteHead statusCode, headers###

    proxy = new httpProxy.HttpProxy
      target:
        host: 'remote-api.com'
        port: 80

    proxy.proxyRequest req, res

这样做的正确方法是什么？

Answer 1

我认为你想在这种情况下在request（req）对象上设置授权头，而不是响应（res）。如果remote-api.com需要进行身份验证，那么它需要知道您发送给它的请求。在提出proxy.proxyRequest请求

之前，请尝试以下操作

req.headers["authorization"] = "Basic #{userPass}"

对于req对象，没有setHeader函数，headers属性只是一个javascript对象/ map。希望有所帮助...

Answer 2

以下是一些适合我的代码，例如：

# Demo server requiring basic authentication
servAuth = require("http").createServer (req, res) ->
  if auth = req.headers?.authorization
    res.statusCode = 200
    res.end "Good job, you sent '#{auth}'"
  else
    res.statusCode = 401
    res.end "How about you authenticate first?"
servAuth.listen(8090)

# Proxy server which checks the IP address and then proxies the request
servProxy = require("http-proxy").createServer (req, res, proxy) ->
  checkIP req, (err, isOK) ->
    # something wrong happened even with the IP address checking
    if err
      res.statusCode = 500
      res.end "Sorry, everything got fargled", "ascii"
    # IP address not allowed
    else if not isOK
      res.statusCode = 403
      res.end "You ain't from around here, are you?", "ascii"
    # all good, proxy the request with basic auth added
    else
      userPass = new Buffer("#{process.env.USERNAME}:#{process.env.PASSWORD}", "ascii")
      userPass = userPass.toString("base64")
      req.headers.authorization = "Basic #{userPass}"
      proxy.proxyRequest req, res, {
        host: "localhost"
        port: 8090
      }
servProxy.listen(8080)

# asynchronous IP address checking
checkIP = (req, done) ->
  # TODO: implement whatever custom IP checking
  # this example just says everything is OK
  done( null, true )