Web API 2身份验证

I am trying to get authenticated my Mobile App ( for testing running from visual studio) to authenticate my Web API 2 Authentication Token in Single Page APP

But Ajax always cancelled with status cancelled

I have enabled CORS as below

var cors = new EnableCorsAttribute("*", "*", "*") {SupportsCredentials = true};
config.EnableCors(cors);

//Use only bearer token authentication
            config.SuppressDefaultHostAuthentication();

Web Config

 <system.web>
    <authentication mode="None" />
    <compilation debug="true" targetFramework="4.5" />
    <httpRuntime targetFramework="4.5" />
    <roleManager enabled="true" />
    <httpModules>
      <add name="ErrorLog" type="Elmah.ErrorLogModule, Elmah" />
      <add name="ErrorMail" type="Elmah.ErrorMailModule, Elmah" />
      <add name="ErrorFilter" type="Elmah.ErrorFilterModule, Elmah" />
    </httpModules>
  </system.web>

My Ajax Request

 $.ajax('http://retail.leap-tel.com/token', {
                type: "POST",
                data: data,
                xhrFields: {
                    withCredentials: true
                }

Chorme Developer tools Log

Status : Cancelled

Request URL:http://retail.leap-tel.com/token
Request Headersview source
Accept:*/*
Cache-Control:no-cache
Content-Type:application/x-www-form-urlencoded; charset=UTF-8
Origin:http://localhost:1539
Pragma:no-cache
Referer:http://localhost:1539/index.html
User-Agent:Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36
Form Dataview sourceview URL encoded

I made some changes in DurandalAuth for enabling CORS and created a sample Javascript client in another repo

Check it out

https://github.com/yagopv/DurandalAuth/commit/4e7c09bc589345c946319b42d320e2b4d8313573

https://github.com/yagopv/DurandalAuthjsclient

Perhaps your main issue is about using the default Web API CORS attribute. You should use Microsoft.Owin.Cors attribute instead for working with the Owin middleware

public static void Register(HttpConfiguration config)
{
    var corsAttribute = new EnableCorsAttribute("*", "*", "*");
    config.EnableCors(corsAttribute);

    // Web API configuration and services
    // Web API routes
    config.MapHttpAttributeRoutes();
}

Add cors attribute in webapiConfig class register method for application level.