Laravel 5.4护照axios始终返回未经身份验证的 [英] Laravel 5.4 passport axios always returns Unauthenticated
问题描述
我在这里遵循了指南: https://laravel.com/docs/5.4/passport#taking-your-api-with-javascript
I've followed the guide here:https://laravel.com/docs/5.4/passport#consuming-your-api-with-javascript
使用axios:
...
mounted: function() {
axios.get('/api/user')
.then(function (response) {
console.log(response)
})
.catch(function (response) {
console.error(response);
});
},
但是响应始终未经身份验证,我检查是否存在laravel_token cookie,并且它是:
But the response is always unauthenticated, I check to see if a laravel_token cookie is present and it is:
我正在apache2(docker)上运行
I'm running on apache2 ( docker )
----更新-
调试后,实际上它的xsrf令牌在TokenGuard中的此方法中失败:
Upon debugging, its actually the xsrf token thats failing in this method in TokenGuard:
/**
* Authenticate the incoming request via the token cookie.
*
* @param Request $request
* @return mixed
*/
protected function authenticateViaCookie($request)
{
try {
$token = $this->decodeJwtTokenCookie($request);
} catch (Exception $e) {
return;
}
# This is not passing:
if (! $this->validCsrf($token, $request) ||
time() >= $token['expiry']) {
return;
}
if ($user = $this->provider->retrieveById($token['sub'])) {
return $user->withAccessToken(new TransientToken);
}
}
我在boostrap.js中有适当的设置:
I have the appropriate setup in boostrap.js :
window.axios = require('axios');
window.axios.defaults.headers.common = {
'X-Requested-With': 'XMLHttpRequest'
};
推荐答案
这实际上是Laravel/文档问题.
This is actually a Laravel / documentation issue.
护照令牌守卫正在寻找X-CSRF-TOKEN,但是axios发送X-XSRF-TOKEN.将axios配置更改为:
The passport token guard is looking for X-CSRF-TOKEN, but axios sends X-XSRF-TOKEN. Change your axios configuration to:
window.axios.defaults.headers.common = {
'X-CSRF-TOKEN': window.Laravel.csrfToken,
'X-Requested-With': 'XMLHttpRequest'
};
我已经打开了 PR ,这在将来的Laravel版本中应该是默认设置.
I've opened an PR and this should be default in future Laravel versions.
这篇关于Laravel 5.4护照axios始终返回未经身份验证的的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
