How to send "Cookie" in request header for all the requests in Angular2?
Actually , our backend authenticate the request using Cookie in the request header. I know that it will refuse if I set a header "Cookie". So , is there a way to send a Cookie to the back end ?
Solution 1:
I guess that there is a phase where you ask the server to authenticate you. Following this (and if the authentication is successful), the server will return a cookie in the response. The browser will store this cookie and send it again for each call.
That said, in the case of cross domain requests (CORS), you need to set the withCredentials
of XHR to true
to make the browser add cookies in your requests.
To enable this with Angular2, we need to extend the BrowserXhr
class as described below:
@Injectable()
export class CustomBrowserXhr extends BrowserXhr {
constructor() {}
build(): any {
let xhr = super.build();
xhr.withCredentials = true;
return <any>(xhr);
}
}
and override the BrowserXhr
provider with the extended:
bootstrap(AppComponent, [
HTTP_PROVIDERS,
provide(BrowserXhr, { useClass: CustomBrowserXhr })
]);
See this questions for more details:
- Set-cookie in response not set for Angular2 post request
- xmlhttprequest and set-cookie & cookie
Edit (following the freaker's comment)
From RC2, you can use the withCredentials
property directly within the request configuration as described below:
this.http.get('http://...', { withCredentials: true })
Edit (following the [maxou] comment)
Remember to include withCredentials: true on every request.
Solution 2:
In Angular5 you can write a Http Interceptor:
auth.interceptor.ts
import { Observable } from 'rxjs/Observable';
import { HttpInterceptor, HttpRequest, HttpHandler, HttpEvent } from '@angular/common/http';
import { Injectable } from '@angular/core';
@Injectable()
export class AuthInterceptor implements HttpInterceptor {
constructor() {}
intercept(request: HttpRequest<any>, next: HttpHandler): Observable<HttpEvent<any>> {
request = request.clone({
withCredentials: true
});
return next.handle(request);
}
}
And add to providers array of app.module
app.module.ts
import { AuthInterceptor } from './services/auth.interceptor';
import { HTTP_INTERCEPTORS } from '@angular/common/http';
import { HttpClientModule } from '@angular/common/http';
imports: [
BrowserModule,HttpClientModule,FormsModule
],
providers: [
{
provide: HTTP_INTERCEPTORS,
useClass: AuthInterceptor,
multi: true,
}
]