How do I get my x-auth token from Header?

loginNow(){

    let loginInfo = {
    "email": "mpi5@gmail.com",
    "password": "123456!"
    }
    let headers = new Headers();
    headers.append('Content-Type', 'application/json');
    

    this.http.post("http://10.227.6.20:5000/api/v1/users/login", JSON.stringify(loginInfo),{headers: headers})        
    .subscribe(res => {            
        console.log('Login');
        console.log(res)
        console.log(res.url)
        console.log(res.headers.get('Date'));
        console.log(res.json());            
        console.log(res.headers.get('23423434'));            
        
    }, (err)=>{
        console.log('POST failed')            
        console.log(err)            
    }        
    );          
}

My console.log(res) does not include it for some reason, but I can see the token in Chromes’s inspect network under Response Headers.

Bump please. I feel like this is a simple overlook.

Please post the actual headers and what you are seeing.

Response Headers
Connection:keep-alive
Content-Length:233
Content-Type:application/json; charset=utf-8
Date:Thu, 13 Jul 2017 20:51:25 GMT
ETag:W/"e9-dAm4TeMYmQmqceqlRz9KS8/aHzE"
set-cookie:connect.sid=s%3A5pJdejXXEuOJKlcZ9qYzKMq1fRNdSSxI.sqAyNLgEqzA8itPmvFqwoJBPQ8UvanKS5JbccrDEk%2FE; Path=/; HttpOnly
x-auth:eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJfaWQiOiI1OTYzZTM0ZjI1OWVjZTI3MGMwZjYyMzYiLCJhY2Nlc3MiOiJhdXRoIiwiaWF0IjoxNDk5OTc5MDg1fQ._g3h1M6BcTs3GDhLvz9QZCI2f0SwBB5hTeXbqHcmbNU
X-Powered-By:Express

I am trying to get the x auth, but I can only get:

Response {_body: “{”_id":“5963e34f259ece270c0f6236”,“email”:“mpi5@gm…cribed”,“email_subscription_status”:“Subscribed”}", status: 200, ok: true, statusText: “OK”, headers: Headers…}

What is in headers? console.log that please.

        **console.log(headers);**

Headers {_headers: Map(2), _normalizedNames: Map(2)}
_headers
:
Map(2)
size
:
(…)
proto
:
Map
[[Entries]]
:
Array(2)
0
:
{“content-type” => Array(1)}
1
:
{“access-control-allow-origin” => Array(1)}
length
:
2
_normalizedNames
:
Map(2)
proto
:
Object

        **console.log(response);**

Response {_body: “{”_id":“5963e34f259ece270c0f6236”,“email”:“mpi5@gm…cribed”,“email_subscription_status”:“Subscribed”}", status: 200, ok: true, statusText: “OK”, headers: Headers…}

        **console.log(response.headers);**

Headers {_headers: Map(1), _normalizedNames: Map(1)}
_headers
:
Map(1)
size
:
(…)
proto
:
Map
[[Entries]]
:
Array(1)
0
:
{“content-type” => Array(1)}
length
:
1
_normalizedNames
:
Map(1)
proto
:
Object

Yeah that is not helpful. I need to see the full list of headers that you actually get.

My guess:

You only get those headers: https://fetch.spec.whatwg.org/#cors-safelisted-request-header Which means you have a CORS issue. Does your app first make an OPTIONS request before the actual POST? Then you have to implement stuff in the server to make it work: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Expose-Headers for x-auth so it gets forwareded to the app and not removed.

That actually helps me alot. I believe it could be fixed by exposing the ‘x-auth’ header. I will come back with a log.