Node.js反向代理背后的ArangoDB网络接口-无法连接

Question

我有一个用于身份验证和ArangoDB网络接口反向代理的Node.js后端。我无法弄清楚为什么我不能使用外部URL登录到Web界面。

我到处寻找(google，stack overflow，arangodb git问题线程，arangodb应用程序代码等)，都找不到。我并不受制于下面使用的node-http-proxy模块。如果有人在节点内部以另一种方式做到了这一点。

我见过使用nginx等的示例，但我真的在尝试将所有内容都保存在节点后端，以便能够将代理访问隐藏在我的站点身份验证之后，这样我就不会将Web接口暴露给随机访问。

我希望已经扫清这个障碍的人能帮上忙。

问题：_open/auth请求从未得到响应。我仍然可以从服务器访问http://localhost:8529并正常登录。

预期结果:从http://example.com:8080/_db/_system/_admin/aardvark/index.html#login访问web界面并成功登录。

Chrome Headers网络详情

Request URL: http://example.com:8080/_db/_system/_open/auth
Referrer Policy: no-referrer-when-downgrade

Request Headers:
Provisional headers are shown
Accept: application/json, text/javascript, */*; q=0.01
Authorization: bearer null
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Origin: http://example.com:8080
Referer: http://example.com:8080/_db/_system/_admin/aardvark/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.86 Safari/537.36
X-Requested-With: XMLHttpRequest

Form Data:
{"username":"username","password":"password"}: 

有趣的是：http://127.0.0.1:8080/_db/_system/_admin/aardvark/foxxes/fishbowl总是会出现401错误(即使在服务器的本地主机地址和端口上，也会认为这是aardvark.js的错误)

请参见下面的配置文件。

routes.js

// =====================================
// ArangoDB Web interface ============
// =====================================
var httpProxy = require('http-proxy');
var proxy = httpProxy.createProxyServer({followRedirects: true});

// set headers location overwrite per arangodb documentation
proxy.on('proxyReq', function(proxyReq, req, res, options) { 
    proxyReq.setHeader('X-Script-Name', 'http://example.com:8080');
});

proxy.on('error', function(e) {
    console.log(e);
});

app.all('*/_db/*', function(req, res) {
    proxy.web(req, res, {target: 'http://localhost:8529'});
});

/etc/arangodb3/arangod.conf

[frontend]
proxy-request-check=false
version-check=false
[http]
trusted-origin=all
allow-method-override=true

注意:我也尝试过'trusted-origin=*‘(不确定哪一个是正确的)

Answer 1

已解决

希望这能帮助其他人！

我完全忽略了必须手动将post数据从表单传递到代理的事实(本以为它会自动完成)。当您获取post主体并在值的末尾附加一个:"“时，Plus node/arango做了一些奇怪的事情。因此，您必须手动删除它。

// =====================================
// ArangoDB query interface Route ========
// =====================================
// Add the following to the arangodb config file /etc/arangodb3/arangodb.conf
// [frontend]
// proxy-request-check = false
// [http]
// trusted-origin = *
// trusted-origin = all

// Create the proxy
var httpProxy = require('http-proxy');
var proxy = httpProxy.createProxyServer();

// Catch requests, massage the login form json, and pass along to the proxied server
proxy.on('proxyReq', function(proxyReq, req, res, options) {
    var bodyData;
    var contentType = proxyReq.getHeader('Content-Type');

    if (!req.body || !Object.keys(req.body).length) {
        return;
    };
    if (contentType == 'application/json; charset=UTF-8' || contentType == 'application/json') {
        bodyData = JSON.stringify(req.body);
    };

    if (contentType == 'application/x-www-form-urlencoded; charset=UTF-8' || contentType == 'application/x-www-form-urlencoded') {
        bodyData = queryString.stringify(req.body);
    };

    // handle formatting issue with arangodb web form where it appends a :"" to the end of the credentials (i.e. {"username","root","password","password"}:"")
    if (bodyData) {
        if (req.url.substr(-23) == '/_db/_system/_open/auth') {
            proxyReq.write(String(Object.keys(req.body)[0]))
        } else {
            proxyReq.write(bodyData);
            proxyReq.end();
        };
    };
});

  proxy.on('error', function(e) {
      console.log(e);
  });

  // note I have two functions to ensure that a user is logged in and has a specific role before they can login to the database. Insert authentication functions / middleware before the function(req, res) below
  app.all('*/_db/*', function(req, res) { //, isLoggedIn, inRole('admin')
      proxy.web(req, res, {target: 'http://127.0.0.1:8529'});
  });