如何处理oauth2和csrf令牌Laravel [英] How to handle oauth2 and csrf token laravel
问题描述
我安装了Laravel 5.2和 oAuth2服务器Laravel
在我的项目中.我必须对网站和web-api使用相同的功能.对于网站,我的功能正常运行,但是当我对web-api使用相同的功能时,显示错误TokenMismatchException in VerifyCsrfToken.php line 67:
.
I installed Laravel 5.2 and oAuth2 Server Laravel
in my project. I have to use same function for web-site and web-api. For web-site my function is working properly but when I use same function for web-api shown error TokenMismatchException in VerifyCsrfToken.php line 67:
.
我的路线
/* for web*/
Route::post('admin/user_login', 'Auth\AuthController@authenticate');
/* for mobile api */
Route::group(['prefix'=>'api/','before' => 'oauth'], function()
{
Route::post('/user/login', 'Auth\AuthController@authenticate');
});
当我将此控制器用于Web时,此代码可以正常工作,但是当我调用API时,该时间显示错误.我该如何处理?我必须同时使用 oAuth 路由和网络路由.预先感谢.
When I use this controller for web, this code working fine but when I call API that time shown error. How I can handle this? I have to use oAuth route and web route parallel. Thanks in advance.
推荐答案
您必须对以api开头的路由禁用csrfToken验证,以编辑您的app/Http/Middleware/VerifyCsrfToken.php
文件并在$ except数组中将api/*
添加到示例文件中来自laravel应用仓库的信息如下
you have to disable csrfToken verification for routes starting with api to do that edit your app/Http/Middleware/VerifyCsrfToken.php
file and add api/*
in the $except array the sample file from laravel app repo is as below
https://github.com/laravel /laravel/blob/5.2/app/Http/Middleware/VerifyCsrfToken.php
只需使其像
<?php
namespace App\Http\Middleware;
use Illuminate\Foundation\Http\Middleware\VerifyCsrfToken as BaseVerifier;
class VerifyCsrfToken extends BaseVerifier
{
/**
* The URIs that should be excluded from CSRF verification.
*
* @var array
*/
protected $except = [
'api/*'
];
}
您还必须从身份验证路由中删除oauth中间件,因为在身份验证期间令牌不可用,因此路由如下所示
also you have to remove oauth middleware from authenticate route, because during authentication the token is not available so route goes something like below
Route::group(['prefix'=>'api/'], function()
{
Route::post('/user/login', 'Auth\AuthController@authenticate');
Route::group(['middleware' => 'oauth'], function() {
// routes which needs oauth token verification.
})
});
这篇关于如何处理oauth2和csrf令牌Laravel的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!