在 Laravel 中设置授权 header
Set Authorization header in Laravel
我在 react/redux 上有一个 laravel 后端和一个网站。我正在尝试使用 superagent-bluebird-promise 从我的前端在特定 url 上传递我的 JWT 令牌,但我一直收到
No 'Access-Control-Allow-Origin' header is present on the requested resource
错误。我看过每一篇文章,但无法弄清楚。
这是我前端的代码:
import request from 'superagent-bluebird-promise'
......
requestPromise= request.get(API_URL + action.url);
if(action.token)
requestPromise.set("Authorization","Bearer "+ action.token).withCredentials();
requestPromise.query({ // add query (if get)
...action.data,
});
在我的 laravel 我有这个 .htaccess
<IfModule mod_rewrite.c>
<IfModule mod_negotiation.c>
Options -MultiViews
</IfModule>
RewriteEngine On
# Handle Authorization Header
RewriteCond %{HTTP:Authorization} ^(.*)
RewriteRule .* - [e=HTTP_AUTHORIZATION:%1]
# Redirect Trailing Slashes If Not A Folder...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)/$ / [L,R=301]
# Handle Front Controller...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ index.php [L]
我还有一个 CORS 中间件来允许这个 header 它永远不会到达这里,因为这个代码 运行:
public function handle($request, Closure $next)
{
$origin = 'https://mywebsite.com';
return $next($request)
->header('Access-Control-Allow-Origin', $origin)
->header('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE, OPTIONS')
->header('Access-Control-Allow-Headers','Authorization')
->header('Access-Control-Allow-Credentials','true');
;
}
如果有帮助,我也在运行在docker/nginx设置中设置我的laravel
我通过将我的 cors 中间件添加到 kernel.php
中的全局中间件来解决这个问题
protected $middleware = [
\Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode::class,
\App\Http\Middleware\Cors::class,
];
我在 react/redux 上有一个 laravel 后端和一个网站。我正在尝试使用 superagent-bluebird-promise 从我的前端在特定 url 上传递我的 JWT 令牌,但我一直收到
No 'Access-Control-Allow-Origin' header is present on the requested resource
错误。我看过每一篇文章,但无法弄清楚。 这是我前端的代码:
import request from 'superagent-bluebird-promise'
......
requestPromise= request.get(API_URL + action.url);
if(action.token)
requestPromise.set("Authorization","Bearer "+ action.token).withCredentials();
requestPromise.query({ // add query (if get)
...action.data,
});
在我的 laravel 我有这个 .htaccess
<IfModule mod_rewrite.c>
<IfModule mod_negotiation.c>
Options -MultiViews
</IfModule>
RewriteEngine On
# Handle Authorization Header
RewriteCond %{HTTP:Authorization} ^(.*)
RewriteRule .* - [e=HTTP_AUTHORIZATION:%1]
# Redirect Trailing Slashes If Not A Folder...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)/$ / [L,R=301]
# Handle Front Controller...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ index.php [L]
我还有一个 CORS 中间件来允许这个 header 它永远不会到达这里,因为这个代码 运行:
public function handle($request, Closure $next)
{
$origin = 'https://mywebsite.com';
return $next($request)
->header('Access-Control-Allow-Origin', $origin)
->header('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE, OPTIONS')
->header('Access-Control-Allow-Headers','Authorization')
->header('Access-Control-Allow-Credentials','true');
;
}
如果有帮助,我也在运行在docker/nginx设置中设置我的laravel
我通过将我的 cors 中间件添加到 kernel.php
中的全局中间件来解决这个问题 protected $middleware = [
\Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode::class,
\App\Http\Middleware\Cors::class,
];