Basic Auth always returns a 401 before it works

[DanKaplanSES]

hi, I've implemented basic auth using angular and I've described how here: http://stackoverflow.com/questions/17959563/how-do-i-get-basic-auth-working-in-angularjs/17959564#17959564 But here's the weird thing: Even though this works correctly, the javascript console always reports a 401 FIRST and then it works. And I can see from the debugger that it's only going through my controller once. So that means some internal angular code is causing this to occur.

Here's what the console says (google chrome):

 Refused to set unsafe header "Access-Control-Request-Headers" angular.js:9271
 Failed to load resource: the server responded with a status of 401 (Unauthorized) http://localhost:8888/app/api/v1/pets

But the thing is, my $http call is NOT getting an error and it IS getting the correct data back.

[pkozlowski-opensource]

@tieTYT I can see from SO that you've figured it out.

We want to keep GitHub issues for bug reports and feature requests so closing this one for now. Please re-open with a clear reproduce scenario if you still believe that there is a bug in AngularJS.

[DanKaplanSES]

Can you give me a little direction on how to do this? It requires a restful api with basic auth. I'm most familiar with Java so you'd need to setup a webapp with an app server (tomcat, jboss, etc.) to get it running. Am I supposed to present code to set that part up?

Assuming that's there, the code in the link I've given can be used to reproduce the issue. If you want, I can edit the issue here to inline that code.

[DanKaplanSES]

@pkozlowski-opensource Actually, if you note the bottom of my answer on SO is where I'm reporting the issue here. I still think this is a legitimate bug. I got it "working" from a functional standpoint but angular is reporting an error in the console. The error it's reporting is what I made this issue for. I think angular should not be reporting an error.

[snahor]

@tieTYT perhaps is an OPTIONS request, and your API doesn't accept preflight requests.

[autoferrit]

I am having the same issue. I cannot authorize with my own api. from the command line if I do a curl request, both get and options, all the auth and allow origins headers are set properly. but as soon as angular requests it, i get a 401 error. I have also tried setting the domain whitelist, but seemed to have no effect.

app.factory('AuthService', ['$http', '$resource', 'Base64', function($http, $resource, Base64) {
  $http.defaults.headers.common['Authorization'] = 'Base ' + Base64.encode('user:pass')

  return $resource('http://remoteUrl.com/auth', {},
  {
    get: { method : 'GET' },
    options: { method : 'OPTIONS' }
  }
})

based on examples, i have also tried putting the 'headers' object in the get/options methods. but nothing works. in safari, it ignores the preflight error and logs me in. chrome, just halts on the error and doesnt move forward.

[snahor]

@luckysmack It seems your API doesn't support preflight requests. Please read this: https://dvcs.w3.org/hg/cors/raw-file/tip/Overview.html#preflight-request.

[Narretz]

This looks like it's most likely a CORS problem. Closing, but feel free to reopen with a reproduction, or similar

[shobaarava]

Is it 'Base ' + Base64.encode('user:pass') or 'Basic ' + Base64.encode('user:pass')

[suraj-karale]

$ npm install angular-split
npm ERR! code E401
npm ERR! 404 401 Unauthorized: angular-split@latest

npm ERR! A complete log of this run can be found in:
npm ERR! C:\Users\suraj.karale\AppData\Roaming\npm-cache_logs\2018-03-20T05_12_32_864Z-debug.log

any one know why this error throw when npm installation process in progress?