如何将邮递员用于Laravel $ _POST请求 [英] How to use Postman for Laravel $_POST request

问题描述

我该如何尝试使用Postman向Laravel应用发送发帖请求?

How can I try sending a post request to a Laravel app with Postman?

通常，Laravel有一个csrf_token，我们必须通过POST/PUT请求来传递它.如何在邮递员中获取和发送此值?甚至有可能不关闭 CSRF保护吗?

Normally Laravel has a csrf_token that we have to pass with a POST/PUT request. How can I get and send this value in Postman? Is it even possible without turning off the CSRF protection?

推荐答案

等等，我看错了问题.您想要在不关闭CSRF保护的情况下执行此操作吗?就像巴拉特·盖莱达(Bharat Geleda)所说:您可以制作一条只返回令牌的路由，然后手动将其复制到邮递员的_token字段中.

但是我建议您从如下所示的CSRF保护中排除您的api调用，并在以后添加某种API身份验证.

But I would recommend excluding your api calls from the CSRF protection like below, and addin some sort of API authentication later.

您正在运行哪个版本的laravel?

从5.2开始，仅在使用web中间件的路由上才需要CSRF令牌.因此，使用web中间件将您的api路由置于组外.

Since 5.2 the CSRF token is only required on routes with web middleware. So put your api routes outside the group with web middleware.

有关更多信息，请参见文档中的默认路由文件"标题信息.

See the "The Default Routes File" heading in the documentation for more info.

您可以在VerifyCsrfToken中间件中排除不具有CSRF保护的路由，如下所示:

You can exclude routes which should not have CSRF protection in the VerifyCsrfToken middleware like this:

class VerifyCsrfToken extends BaseVerifier
{
    /**
     * The URIs that should be excluded from CSRF verification.
     *
     * @var array
     */
    protected $except = [
        'api/*',
    ];
}

有关标题，请参见标题文档的从CSRF保护中排除URI" 更多信息.

See the "Excluding URIs From CSRF Protection" heading documentation for more info.

这篇关于如何将邮递员用于Laravel $ _POST请求的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！