这是我的第一篇文章，因为我找不到任何解决我的问题的方法。（现在谷歌了几天）我不是程序员，我是一个好的谷歌人：）

我正在尝试使用用户名，密码和一些选项登录网站。（/api/login/Basic）之后，我尝试访问一个网站。（/api/sitemaster/run）但在这里，我收到消息：“用户没有足够的访问权限”如果我使用浏览器执行此操作，一切正常。

我想我需要将一些Authtoken传递给Get请求，但我没有线索。

这里是我的代码片段：

//这工作正常

const toSend = {
    email :"my@mail.com",
    force_sm_off: false,   //I have no clue (found from Net Sniffing of the original Application)
    password:"mypassword",
    username:"installer"}

const jsonString = JSON.stringify(toSend)  ;
const xhr = new XMLHttpRequest() ;
process.env['NODE_TLS_REJECT_UNAUTHORIZED'] = 0 //I have no certificate and only access the Site in my local network

xhr.open("POST", "https://192.168.2.77/api/login/Basic",false,"Provider_Engineer","mypassword" ) ;
xhr.setRequestHeader ("Content-Type", "application/json") ;
xhr.withCredentials=true ;
xhr.onreadystatechange = function() {
     const myresponse = JSON.parse(this.responseText) ; //myresponse contains: email, firstname, lastname,    roles: Array(1), token
       var myauth=myresponse.token //Saving Token for further use


   //fine until here

   //Now I'm trying to get the Page

    const xhr1 = new XMLHttpRequest() ;
    process.env['NODE_TLS_REJECT_UNAUTHORIZED'] = 0
    xhr1.open("GET", "https://tesla/api/sitemaster/run",false ) ;
    xhr1.setRequestHeader ("Content-Type", "application/json") ;
    xhr1.setRequestHeader ("credentials", "same-origin") ;
    xhr1.setRequestHeader ("AuthCookie", myauth) ;  //In Browser F12 I can see AuthCookie and Userrecord
    xhr1.onreadystatechange = function() {
         console.log(this.responseText)  //getting Message: User does not have adequate access rights
    }     
    xhr1.send(null)
};
xhr.send(jsonString) ; //Post Request, that is working fine

任何建议，我如何访问这个网站？

关于斯特凡