Swagger/OpenAPI definition:
swagger: '2.0'
info:
  title: API
  version: 1.0.0
host: 127.0.0.1:3001
schemes:
  - http
basePath: /
securityDefinitions:
  apikey:
    type: apiKey
    name: authorization
    in: header
produces:
  - application/json
paths:
  /token:
    post:
      summary: get token
      description: >-
        get token.
      parameters:
        - name: "body"
          in: "body"
          description: "use name:token-client-id"
          schema:
            properties:
              name:
                type: 'string'
      tags:
        - auth
      responses:
        '200':
          description: A jwt token
          schema:
            type: object
            items:
              $ref: '#/definitions/accountRsp'
  /account/{accountNo}:
    get:
      summary: get account info
      parameters:
        - name: accountNo
          in: path
          description: Latitude component of start location.
          required: true
          type: string
      security:
        - apikey: []
      tags:
        - account
      responses:
        '200':
          description: An account info
          schema:
            type: object
            items:
              $ref: '#/definitions/accountRsp'
definitions:
  accountRsp:
    properties:
      code:
        type: string
      success:
        type: boolean
      data:
        type: object
1. I try /token, get a token first
2. I click the Authorize button, input the token value
3. I try /account/{accountNo}, get a response: TypeError: Failed to fetch
General:
Request URL: http://127.0.0.1:3001/account/12345678
Request Method: OPTIONS
Status Code: 500 Internal Server Error
Remote Address: 127.0.0.1:3001
Referrer Policy: no-referrer-when-downgrade
Response Headers:
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
Access-Control-Allow-Methods: GET, POST, PUT, UPDATE, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 1192
Content-Security-Policy: default-src 'self'
Content-Type: text/html; charset=utf-8
Date: Fri, 22 Jun 2018 02:28:08 GMT
X-Content-Type-Options: nosniff
X-Powered-By: Express
Request Headers:
Accept: */*
Accept-Encoding: gzip, deflate, br
Accept-Language: zh-CN,zh;q=0.9
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Cache-Control: no-cache
Connection: keep-alive
Host: 127.0.0.1:3001
Origin: http://127.0.0.1:8082
Pragma: no-cache
Referer: http://127.0.0.1:8082/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.139 Safari/537.36
How to make the authorization in request headers?
@delim29, your OPTIONS preflight request isn't being handled correctly by your server, which is a CORS issue.
See our documentation on this here: https://github.com/swagger-api/swagger-ui/blob/master/docs/usage/cors.md
@delim29 by the way, this response schema is not valid:
schema:
  type: object
  items:
    $ref: '#/definitions/accountRsp'
The items keyword is used with arrays, not with objects.
Looks like it should be:
schema:
  $ref: '#/definitions/accountRsp'
// CORS headers are set on every response, but OPTIONS is passed on to the routes
app.use(function (req, res, next) {
  res.header('Access-Control-Allow-Origin', '*');
  res.header('Access-Control-Allow-Methods', 'GET, POST, PUT, UPDATE, DELETE, OPTIONS');
  res.header('Access-Control-Allow-Headers', 'Origin, X-Requested-With, Content-Type, api_key, Accept, Authorization');
  res.header('Content-Type', 'application/json');
  next();
});
This is my server config with CORS, and I can get the token from the server, but can't send the token to the server.
Thanks all.
I have solved the problem:
app.use(function (req, res, next) {
  res.header('Access-Control-Allow-Origin', '*');
  res.header('Access-Control-Allow-Methods', 'GET, POST, PUT, UPDATE, DELETE, OPTIONS');
  res.header('Access-Control-Allow-Headers', 'Origin, X-Requested-With, Content-Type, api_key, Accept, Authorization');
  res.header('Content-Type', 'application/json');
  if ('OPTIONS' === req.method) {
    // Answer the CORS preflight here instead of passing it on to the routes
    res.sendStatus(200);
  } else {
    next();
  }
});
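Why the preflight in this thread failed although the CORS headers were present, as an added example (not code from the thread or from Swagger UI): a simplified model of the check a browser applies to a preflight response, run on the header values captured above. Function names are hypothetical, and the model assumes the request is sent without credentials mode `include`.

```javascript
// Added example: simplified model of the browser-side CORS preflight check.
const SAFELISTED_METHODS = ['GET', 'HEAD', 'POST'];

// Split a comma-separated header value into trimmed tokens.
function list(value) {
  return (value || '').split(',').map((s) => s.trim()).filter(Boolean);
}

// req: { origin, method, headers[] } taken from Origin and Access-Control-Request-*.
// res: { status, headers{} } as returned for the OPTIONS request.
function checkPreflight(req, res) {
  const h = {};
  for (const [k, v] of Object.entries(res.headers)) h[k.toLowerCase()] = v;

  const origin = h['access-control-allow-origin'];
  if (origin !== '*' && origin !== req.origin) return { ok: false, reason: 'origin' };
  // The preflight response itself must be 2xx; correct headers on a 500 do not help.
  if (res.status < 200 || res.status > 299) return { ok: false, reason: 'status' };

  const methods = list(h['access-control-allow-methods']);
  if (!SAFELISTED_METHODS.includes(req.method) &&
      !methods.includes(req.method) && !methods.includes('*')) {
    return { ok: false, reason: 'method' };
  }

  const allowed = list(h['access-control-allow-headers']).map((s) => s.toLowerCase());
  for (const name of req.headers.map((s) => s.toLowerCase())) {
    // Authorization must be listed by name; the '*' wildcard does not cover it.
    const wildcardOk = allowed.includes('*') && name !== 'authorization';
    if (!allowed.includes(name) && !wildcardOk) return { ok: false, reason: 'header:' + name };
  }
  return { ok: true, reason: null };
}

// Constructed from the request and response headers shown in the thread.
const preflight = { origin: 'http://127.0.0.1:8082', method: 'GET', headers: ['authorization'] };
const corsHeaders = {
  'Access-Control-Allow-Origin': '*',
  'Access-Control-Allow-Methods': 'GET, POST, PUT, UPDATE, DELETE, OPTIONS',
  'Access-Control-Allow-Headers': 'Origin, X-Requested-With, Content-Type, Accept, Authorization',
};

function demo() {
  return {
    before: checkPreflight(preflight, { status: 500, headers: corsHeaders }),
    after: checkPreflight(preflight, { status: 200, headers: corsHeaders }),
    wildcard: checkPreflight(preflight, { status: 200,
      headers: { ...corsHeaders, 'Access-Control-Allow-Headers': '*' } }),
  };
}

console.log(demo());
```

The `wildcard` case shows that replacing the explicit header list with `*` would break the `authorization` header again, so the list should keep naming it.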