通过角无法解密CSRF / XSRF令牌Laravel发 [英] Unable to decrypt CSRF/XSRF token in Laravel sent through Angular

问题描述

我使用我的应用程序的angularavel设置。在我的本地设置我并不需要显式地发送 XSRF-TOKEN 通过角HTTP请求。它工作正常laravel。我上传的服务器上相同的设置，并尝试使用我的表单和laravel登录抛出一个标记不匹配错误。因此，我检查了开发工具的请求负载，发现有请求没有XSRF-TOKEN头，就像我在我的地方看看。我相信角生成一个默认情况下，并与每个HTTP请求发送，但不知道为什么它没有在这里。

I am using the angularavel setup for my app. On my local setup i do not need to explicitly send the XSRF-TOKEN with the angular http request. And it works fine with laravel. I uploaded the same setup on the server and tried to login using my form and laravel throws a token mismatch error. Hence I checked the request payload in dev tools and found there is no XSRF-TOKEN header in the request,like I see on my local. I believe angular generates one by default and send it with every http request,but not sure why is it failing here.

我的角度增加了CSRF令牌基于此教程这里使用meta标记方法。我是荟萃
＆LT; META NAME =CSRF令牌的内容='＆LT;？PHP的回声json_en code（csrf_token（））; ？＆GT;'＆GT; //没有编码也试过

在我的.config我有

I added the csrf token in angular based on this tutorial here using the meta tag method. my meta is <meta name="csrf-token" content='<?php echo json_encode(csrf_token()); ?>'> // Also tried without encoding
In my .config I have

$ httpProvider.defaults.headers.common ['X-XSRF-TOKEN'] = $（'元[NAME = CSRF令牌]'）ATTR（内容）;

如果我使用 X-XSRF-TOKEN 我在Encrypter.php线142获得DecryptException：无效数据。
如果我使用 X-CSRF-TOKEN 我得到令牌不匹配错误。
我的要求显示在标题令牌（下面添加）。

$httpProvider.defaults.headers.common['X-XSRF-TOKEN'] = $('meta[name=csrf-token]').attr('content');
If I use X-XSRF-TOKEN I get DecryptException in Encrypter.php line 142:Invalid data. If I use X-CSRF-TOKEN I get Token Mismatch error.
My request shows the token in the header(added below).

Accept:application/json, text/plain, */*
Accept-Encoding:gzip, deflate
Accept-Language:en-US,en;q=0.8
Connection:keep-alive
Content-Length:68
Content-Type:application/json;charset=UTF-8
Cookie:PHPSESSID=ySsuvCYycB-9IfZZ29kSF1
Host:demo.abc.com
Origin:http://demo.abc.com
Referer:http://demo.abc.com/hexa/public/
User-Agent:Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.90 Safari/537.36 FirePHP/4Chrome
X-FirePHP-Version:0.0.6
X-Wf-Max-Combined-Size:261120
X-XSRF-TOKEN:InhRWmVjcUxZNWVMRWlrWmFXR09vbGdZT1M2Z284c0NqV2x2RWxaN0Mi  -->token

我在哪里commiting错了吗？另外从角的defult令牌似乎集成和何苦大string.whereas一个按功能genrated是一个小的字符串。

Where am I commiting mistake? Also the defult token from angular seems to be integrated and a vry large string.whereas the one genrated by function is a small string.

推荐答案

这是为我工作，我会告诉你相关的片段。

This is what worked for me, I'll show you the relevant snippets.

在我的模板我有以下几点：

In my template I have the following:

<script type="text/javascript">myApp.constant("CSRF_TOKEN", '<?= csrf_token() ?>');</script>

和我有一个工厂，如：

.factory('Product', function($http, CSRF_TOKEN) {    
    return {
        // store a product
        save : function(productData) {            
            return $http({
                method: 'POST',
                url: 'http://localhost/angularjs/public/api/products',
                headers: {'X-CSRF-TOKEN': CSRF_TOKEN},
                data: productData
            });
        },
    }
});

这是所有我需要做的停止接收CSRF令牌相关的错误。

This is all I needed to do to stop receiving csrf token related errors.

这篇关于通过角无法解密CSRF / XSRF令牌Laravel发的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！