如何从浏览器 javascript 访问 thingsboard REST API?

How to access thingsboard REST API from browser javascript?

我是 thingsboard 的新手,我有一个 thingsboard 服务器。我正在尝试访问 thingsboard REST API 并以 CORS 错误结束,因为 OPTIONS 请求返回 401.

这是我的 thingsboard.yml,默认情况下似乎支持“*”

spring.mvc.cors:
  mappings:
    # Intercept path
     "/api/auth/**":
        #Comma-separated list of origins to allow. '*' allows all origins. When not set,CORS support is disabled.
        allowed-origins: "*"
        #Comma-separated list of methods to allow. '*' allows all methods.
        allowed-methods: "POST,GET,OPTIONS"
        #Comma-separated list of headers to allow in a request. '*' allows all headers.
        allowed-headers: "*"
        #How long, in seconds, the response from a pre-flight request can be cached by clients.
        max-age: "1800"
        #Set whether credentials are supported. When not set, credentials are not supported.
        allow-credentials: "true"

我检查了这个问题 Thingsboard No 'Access-Control-Allow-Origin' header is present on the requested resource. angularjs 但我不清楚如何禁用评论中的 OPTIONS 身份验证。我尝试了 link 中的代码,但得到的是 401。

var url = "http://THINGSBOARDURL:PORT/api/customer/d8f7b410-5480-11e9-bc30-bd0cca1006d3/assets?limit=10";

  var xhr = createCORSRequest('GET', url);
  if (!xhr) {
    alert('CORS not supported');
    return;
  }

  // Response handlers.
  xhr.onload = function() {
    var text = xhr.responseText;
    console.log(text);
  };

  xhr.onerror = function() {
    alert('Woops, there was an error making the request.');
  };

xhr.setRequestHeader("Accept", "application/json")
xhr.setRequestHeader("X-Authorization","Bearer JWTTOKEN")
xhr.send();

对“http://URL:PORT/api/customer/d8f7b410-5480-11e9-bc30-bd0cca1006d3/assets?limit=10' from origin 'http://localhost:8100”处的 XMLHttpRequest 的访问已被 CORS 策略阻止:对预检请求的响应未通过访问控制检查:'Access-Control-Allow-Origin' header 不存在于请求的资源。 请帮忙

这是我的错误。 xmlhttprequest 使用的 api 是 /api/customer/.. 等,但 CORS 仅对 /api/auth/**/api/v1/** 启用 它以某种方式错过了我的通知。

我将 thingsboard.yml CORS 部分路径从 /api/v1/** 更改为 /api/**,现在错误没有发生。