var xhttp = new XMLHttpRequest();
xhttp.onreadystatechange = function() {
if (this.readyState == 4 && this.status == 200) {
console.log(this.response);
console.log(this.responseText);
}
};
xhttp.open("GET", "http://localhost:4000/auth/test", true);
xhttp.withCredentials = true;
xhttp.send();
var express = require('express')
var app = express()
app.get('/auth/test', function (req, res) {
console.log("hitting /auth/test");
res.json({ text: "hello world" });
});
// var cors = require('cors');
// app.use(cors());
app.use(function(req, res, next) {
// Set CORS headers
res.setHeader('Access-Control-Allow-Origin', '*');
res.setHeader('Access-Control-Request-Method', '*');
res.setHeader('Access-Control-Allow-Methods', 'OPTIONS, GET');
res.setHeader('Access-Control-Allow-Headers', '*');
if ( req.method === 'OPTIONS' ) {
res.writeHead(200);
res.end();
return;
}
next();
});
app.listen(4000, function () {
console.log('Example app listening on port 4000!')
});
dashboard:1 XMLHttpRequest cannot load http://localhost:4000/auth/test. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:3000' is therefore not allowed access.
I can't use a proxy to access my server, my client is a fork of react-boilerplate on github, the loading doesn't support proxy.
This work fine for proxying request to twitter api 1.1.
var express = require('express');
var app = express();
var cors = require('cors');
app.use(cors());
var request = require('request');
var ClientOAuth2 = require('client-oauth2');
const twitterAuth = new ClientOAuth2({
clientId: '***',
clientSecret: '***',
accessTokenUri: 'https://api.twitter.com/oauth2/token',
authorizationUri: 'https://api.twitter.com/oauth/authorize',
authorizationGrants: ['credentials'],
redirectUri: 'http://www.domain.com/cb',
});
app.get('/auth/twitter', function (req, res) {
twitterAuth.credentials.getToken()
.then(function (user) {
res.json(user.data);
});
});
app.use('/search/twitter/:search', function (req, res) {
var search = req.params.search;
// You need to attach the bearer in Authorization header, it will be reused by our proxy.
var bearer = req.headers.Authorization;
console.log('search', search);
console.log('bearer', bearer);
var url = 'https://api.twitter.com/1.1/search/tweets.json?q=' + search;
var options = {
url: 'https://api.twitter.com/1.1/search/tweets.json?q=' + search,
headers: {
'Authorization': bearer,
'Accept-Encoding': 'gzip'
}
};
req.pipe(request(options)).pipe(res);
});
app.listen(4000, function () {
console.log('Example app listening on port 4000!')
});