问题描述
我创建了一个API网关来触发我的lambda函数。我正在尝试保护调用URL。我了解我们可以使用Lambda Authorizer或APIKEY。我正在尝试使用API密钥,但不确定如何使用访存来传递API密钥。
我还将API链接到API密钥和使用计划。
我正在尝试从客户端访问URL。
invokeurl指的是我的Invoke URL,它将返回JSON对象。 egkeyname是我无法共享的键值。
Client.py:
onMount(async () => {
const res = await fetch('invokeurl',{
method:'get',headers: new Headers ({
'Access-Control-Allow-Origin' : '*','Access-Control-Allow-Methods':'OPTIONS,POST,GET','X-API-KEY' :'egkeyname'
})
}); //wait until the promise return result
data = await res.json();
});
Access to fetch at '..invoke ur...' from origin 'http://localhost:3000' has been blocked by CORS policy: Request header field access-control-allow-origin is not allowed by Access-Control-Allow-Headers in preflight response.
Uncaught (in promise) TypeError: Failed to fetch
获取https:invokeurl net :: ERR_Failed
我的lambda函数:
responSEObject = {}
responSEObject['statusCode'] = 200
responSEObject['headers']={}
responSEObject['headers']['Content-Type'] = 'application/json'
responSEObject['headers']['Access-Control-Allow-Origin'] = '*'
responSEObject['headers']['Access-Control-Allow-Methods'] = 'OPTIONS,GET'
return responSEObject
如何使用APIkey访问URL?
解决方法
自行解决。我在标题中使用了错误的信息。
应该是:
onMount(async () => {
const res = await fetch('invokeurl',{
method:'get',headers: new Headers ({
'Access-Control-Request-Headers': 'Origin,X-Requested-With,Content-Type,Accept,Authorization','Origin' : '*','Access-Control-Request-Method':'OPTIONS,POST,GET','X-API-KEY' :'egkeyname'
})
}); //wait until the promise return result
data = await res.json();
});