So I'm trying to create an API using Laravel, everything was going well until it came to that point where I have to connect it with Angular on another subdomain. I'm using JWT token-based auth which works fine.
I have created a CORS middleware like this:
<?php
namespace App\Http\Middleware;
use Closure;
class Cors
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
*
* @return mixed
*/
public function handle($request, Closure $next)
{
return $next($request)
->header('Access-Control-Allow-Origin', '*')
->header('Access-Control-Allow-Methods', 'POST, GET, OPTIONS, PUT, DELETE')
->header('Access-Control-Allow-Credentials', 'true')
->header('Access-Control-Max-Age', '10000')
->header('Access-Control-Allow-Headers', 'Content-Type, Authorization, X-Requested-With');
}
}
Added in Kernel.php and created Route group like this:
Route::group(['middleware' => 'cors'], function () {
Route::group(['prefix' => 'api/v1'], function() {
Route::get('/test', 'MemberController@test');
});
});
I'm trying to create a call that checks if user is authenticated and returns that to angular app so the app knows what to show.
I trued like this:
public function test()
{
if(Auth::check()){
echo "logged in";
} else {
echo "nuno";
}
}
But that returns the page without CORS headers, but if I remove "else" statement and only leave "if auth" it will return the page with headers.
Also, another problem I have is that JWT returns 400 if the token is invalid or not supplied.
via Chebli Mohamed
Aucun commentaire:
Enregistrer un commentaire