How does GB 28181 streaming media server login authentication apply to cross domain scenarios?

For the streaming media server, the existence of login authentication can provide users with certain security protection. Our national standard GB28181 streaming media server provides simple login authentication. After the client successfully logs in through the user name and password, the server returns the cookie of the authentication token, and then continues the interface access. The server reads the token from the cookie for verification.

However, when integrating with the customer system, it is often necessary to complete the authentication process in the customer system. This involves cross domain issues. If you do not log in, 401 will be displayed, which means that you cannot get the return address. Only after the authentication is completed, can you get the correct video stream, as shown in the following figure:

 

 

So, how does this set of authentication process apply to cross domain scenarios?

The client does not have to show save token to cookie. Cross domain configuration is required for all interfaces with EasyGBS
Xhrfields: {withcredentials: true} and crossDomain: true

Front end code:

$(function () {
        $("#upload").click(function() {/ / verify
            getcascade();
        });
        $("#loginout").click(function() {/ / exit
            logout();
        });
        $("#login").click(function() {/ / login
            $.ajax({
                type: "GET",
                url: "http://192.168.99.119:10000/api/v1/login",
                xhrFields: {
                    withCredentials: true
                },
                crossDomain: true,
                data: {
                    username: 'admin',
                    // password: '6977cac4a8b7bb54863c9e56fba40eb6' //admin
                    password: '21232f297a57a5a743894a0e4a801fc3' //admin

                },
                success: function (data) {
                    console.log(data);
                }
            });
        });

        $("#player").click(function() {/ / login
            $.ajax({
                type: "GET",
                url: "http://192.168.99.119:10000/api/v1/stream/start?serial=34020000001320000015&code=34020000001320000002",
                xhrFields: {
                    withCredentials: true
                },
                crossDomain: true,

                success: function (data) {
                    console.log(data);
                }
            });
        });

        function logout() {
            $.ajax({
                type: "GET",
                url: "http://192.168.99.119:10000/api/v1/logout",
                xhrFields: {
                    withCredentials: true
                },
                crossDomain: true,
                success: function (data) {
                    console.log(data);
                }
            });
        }

        function getcascade() {
            $.ajax({
                type: "GET",
                url: "http://192.168.99.119:10000/api/v1/cascade/list",
                xhrFields: {
                    withCredentials: true
                },
                crossDomain: true,
                success: function (data) {
                    console.log(data);
                }
            });
        }

    });

 

 

Published 87 original articles· Zan Zan 10. 60000 visitors+
Private letter follow

Posted on Sun, 12 Apr 2020 09:59:10 -0700 by shoutdots