Laravel 5.4 护照 axios 总是返回 Unauthenticated [英] Laravel 5.4 passport axios always returns Unauthenticated
问题描述
我已按照此处的指南进行操作:
我在 apache2 ( docker ) 上运行
---- 更新 --
在调试时,它实际上是在 TokenGuard
中的这种方法中失败的 xsrf 令牌:
/*** 通过令牌 cookie 验证传入请求.** @param 请求 $request* @return 混合*/受保护的函数 authenticateViaCookie($request){尝试 {$token = $this->decodeJwtTokenCookie($request);} 捕捉(异常 $e){返回;}# 这没有通过:if (!$this->validCsrf($token, $request) ||时间()> = $令牌['到期']){返回;}if ($user = $this->provider->retrieveById($token['sub'])) {return $user->withAccessToken(new TransientToken);}}
我在 boostrap.js 中有适当的设置:
window.axios = require('axios');window.axios.defaults.headers.common = {'X-Requested-With':'XMLHttpRequest'};
这实际上是一个 Laravel/文档问题.
护照令牌守卫正在寻找 X-CSRF-TOKEN
,但 axios 发送 X-XSRF-TOKEN
.将您的 axios 配置更改为:
window.axios.defaults.headers.common = {'X-CSRF-TOKEN': window.Laravel.csrfToken,'X-Requested-With':'XMLHttpRequest'};
我已经打开了一个 PR,这在未来的 Laravel 版本中应该是默认的.
I've followed the guide here:https://laravel.com/docs/5.4/passport#consuming-your-api-with-javascript
Using axios:
...
mounted: function() {
axios.get('/api/user')
.then(function (response) {
console.log(response)
})
.catch(function (response) {
console.error(response);
});
},
But the response is always unauthenticated, I check to see if a laravel_token cookie is present and it is:
I'm running on apache2 ( docker )
---- Update --
Upon debugging, its actually the xsrf token thats failing in this method in TokenGuard
:
/**
* Authenticate the incoming request via the token cookie.
*
* @param Request $request
* @return mixed
*/
protected function authenticateViaCookie($request)
{
try {
$token = $this->decodeJwtTokenCookie($request);
} catch (Exception $e) {
return;
}
# This is not passing:
if (! $this->validCsrf($token, $request) ||
time() >= $token['expiry']) {
return;
}
if ($user = $this->provider->retrieveById($token['sub'])) {
return $user->withAccessToken(new TransientToken);
}
}
I have the appropriate setup in boostrap.js :
window.axios = require('axios');
window.axios.defaults.headers.common = {
'X-Requested-With': 'XMLHttpRequest'
};
This is actually a Laravel / documentation issue.
The passport token guard is looking for X-CSRF-TOKEN
, but axios sends X-XSRF-TOKEN
. Change your axios configuration to:
window.axios.defaults.headers.common = {
'X-CSRF-TOKEN': window.Laravel.csrfToken,
'X-Requested-With': 'XMLHttpRequest'
};
I've opened an PR and this should be default in future Laravel versions.
这篇关于Laravel 5.4 护照 axios 总是返回 Unauthenticated的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!