ajax - File download in Angular and JWT -


tl;dr

how download/save file using angular , jwt authentication without leaving token trail in browser?

my angular/node app secured on https , uses jwt authentication. jwt stored in sessionstorage , passed in authorization header field ajax requests server.

i need functionality in app download file it's automatically saved browser (or popup displayed save etc.).

it should work ideally in browser can run angular.

i have looked @ following:

ajax requests. doesn't work because of inherent security measures preventing browser saving file locally.

pass jwt in cookie - cookies want avoid using, hence reason using sessionstorage.

pass jwt in query string means logged in server logs, , more importantly can seen in browser history.

iframe contains form posts data. can't set header method.

any other options?

the iframe method close. need set server accept jwt body of post rather query string.

it's not elegant solution having use iframe, seems meet requirements. here's directive used:

.directive('filedownload', function () {     return {         restrict: 'a',         replace: false,         template: "<iframe style='position:fixed;display:none;top:-1px;left:-1px;' />",         link: function (scope, element) {             element.click(function() {                 var iframe = element.find('iframe'),                     iframebody = $(iframe[0].contentwindow.document.body),                 form = angular.element("<form method='post' action='/my/endpoint/getfile'><input type='hidden' name='foo' value='bar' /><input type='hidden' name='access_token' value='" + scope.access_token + "' /></form>");                  iframebody.append(form);                 form.submit();             });         }     } });

and in express middleware pop jwt header before validating express-jwt module

if (req.body && req.body.hasownproperty('access_token')) {     req.headers.authorization = 'bearer ' + req.body.access_token; }

Comments

Post a Comment

Popular posts from this blog

php - failed to open stream: HTTP request failed! HTTP/1.0 400 Bad Request -

this code i'm using find latitude , longitude of place: function coords($address){ echo $url="http://maps.googleapis.com/maps/api/geocode/json?address=".$address; $json = file_get_contents(urlencode($url)); $data = json_decode($json, true); print_r($data['results'][0]['geometry']['location']['lat']); print_r($data['results'][0]['geometry']['location']['lng']); } however returns warning: failed open stream: http request failed! http/1.0 400 bad request if use above code in simple procedure works fine not in function. note: have tried curl_init()... method produced same result? instead of encoding whole url encode address part. following code work fine $add='jamshoro phase 2'; $url="http://maps.googleapis.com/maps/api/geocode/json?address=".urlencode($add); $json = file_get_contents($url); $data = json_decode($json, true); print_r($data['r
Read more

java - How to filter a backspace keyboard input -

i have code gives message when key number pressed: txtvalueofclause.addeventfilter(keyevent.key_typed, new eventhandler<keyevent>() { @override public void handle(keyevent t) { char ar[] = t.getcharacter().tochararray(); char ch = ar[t.getcharacter().tochararray().length - 1]; if (!(ch >= '0' && ch <= '9')) { system.out.println("the char entered not number"); t.consume(); } } }); now if press on wrong button , press backspace remove it, error message. how can add backspace input if statement? i have found answer: txtvalueofclause.addeventfilter(keyevent.key_typed, new eventhandler<keyevent>() { @override public void handle(keyevent t) { char ar[] = t.getcharacter().tochararray(); char ch = ar[t.getcharacter().tochar
Read more

java - Show Soft Keyboard when EditText Appears -

i have code in android app, alert dialog , keyboard, , when dialog shown want keyboard appear. not , not sure why? here code: final alertdialog.builder alert = new alertdialog.builder(this); alert.settitle("title"); alert.setmessage("message"); final edittext input = new edittext(this); input.setinputtype(inputtype.type_class_number); alert.setview(input); input.setonfocuschangelistener(new view.onfocuschangelistener() { @override public void onfocuschange(view v, boolean hasfocus) { if (hasfocus) { log.i(tag, "in focus"); inputmethodmanager inputmethodmanager = (inputmethodmanager) getsystemservice(context.input_method_service); inputmethodmanager.showsoftinput(input, inputmethodmanager.show_implicit); } } }); but keyboard not appear though edit text in focus, , tell appear why, doesn't come up? thanks in advance.
Read more