Constantly getting 401 errors in loopback while using User Model

前端未结

关注

 2  855

别那么骄傲 2021-01-22 12:06

I am new to loopback and I am not able to extend User Base model properly. Though in explorer it shows that it is extended but all API\'s give a 401 error. ex. In normal get cal

2条回答

借酒劲吻你 (楼主)

2021-01-22 12:59

Seems like you've not logged into the application. Anyway by default most of the functions are not accessible by the settings in user parent class. (This totally is a turn-off)

run the code in the login section

{ "username":"abc", "password":"xyz" }
This action will return the token id.
Enter this id in the top most right corner of the page and click the set token button.
Now you're able to use some of the user function.

Create a model inheriting user

:~/nodejs/lab/user-api$ slc loopback:model
? Enter the model name: customer
? Select the data-source to attach customer to: db (memory)
? Select model's base class: User
? Expose customer via the REST API? Yes
? Custom plural form (used to build REST URL): customers
Let's add some customer properties now.

Enter an empty property name when done.
? Property name: phone
   invoke   loopback:property
? Property type: string
? Required? No

Let's add another customer property.
Enter an empty property name when done.
? Property name:

Granting ACL Access:

 slc loopback:acl
? Select the model to apply the ACL entry to: customer
? Select the ACL scope: All methods and properties
? Select the access type: All (match all types)
? Select the role: All users
? Select the permission to apply: Explicitly grant access

Granting ACL Access once again:

 slc loopback:acl
? Select the model to apply the ACL entry to: customer
? Select the ACL scope: All methods and properties
? Select the access type: All (match all types)
? Select the role: All users
? Select the permission to apply: Explicitly grant access

When we're granting access two times it takes precedence over DENY in the base class. You'll get a result next time.

A sample class with the ACLs. You can try it in a loopback project, it'll work :)

{
  "name": "customer",
  "plural": "customers",
  "base": "User",
  "idInjection": true,
  "options": {
    "validateUpsert": true
  },
  "properties": {
    "phone": {
      "type": "string"
    }
  },
  "validations": [],
  "relations": {},
  "acls": [
    {
      "accessType": "*",
      "principalType": "ROLE",
      "principalId": "$everyone",
      "permission": "ALLOW"
    },
    {
      "accessType": "READ",
      "principalType": "ROLE",
      "principalId": "$everyone",
      "permission": "ALLOW"
    }
  ],
  "methods": []
}

Please accept answer if it works. It will. Cheers!

0 讨论(0)

查看其它2个回答