2017-04-04 131 views
0

我有一個laravel後端和一個關於react/redux的網站。我試圖用superagent-bluebird-promis E要傳遞從我的前端特定的URL我的JWT令牌,但我不斷收到在Laravel中設置授權標頭

否「訪問控制允許來源」標頭出現在所請求的資源

錯誤。我已經看過每一篇文章,但無法弄清楚。 這裏是我的前端代碼:

import request from 'superagent-bluebird-promise' 
...... 
requestPromise= request.get(API_URL + action.url); 
     if(action.token) 
     requestPromise.set("Authorization","Bearer "+ action.token).withCredentials(); 

    requestPromise.query({ // add query (if get) 
     ...action.data, 
    }); 

在我laravel我有這樣的.htaccess

<IfModule mod_rewrite.c> 
<IfModule mod_negotiation.c> 
    Options -MultiViews 
</IfModule> 

RewriteEngine On 

# Handle Authorization Header 
RewriteCond %{HTTP:Authorization} ^(.*) 
RewriteRule .* - [e=HTTP_AUTHORIZATION:%1] 

# Redirect Trailing Slashes If Not A Folder... 
RewriteCond %{REQUEST_FILENAME} !-d 
RewriteRule ^(.*)/$ /$1 [L,R=301] 

# Handle Front Controller... 
RewriteCond %{REQUEST_FILENAME} !-d 
RewriteCond %{REQUEST_FILENAME} !-f 
RewriteRule^index.php [L] 

,我也有一個CORS中間件,讓這頭,它從來沒有得到到這裏爲此代碼運行:

public function handle($request, Closure $next) 
{  
     $origin = 'https://mywebsite.com'; 


    return $next($request) 
     ->header('Access-Control-Allow-Origin', $origin) 
     ->header('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE, OPTIONS') 
     ->header('Access-Control-Allow-Headers','Authorization') 
     ->header('Access-Control-Allow-Credentials','true'); 
    ; 
} 

我也跑我的laravel我N A泊塢窗/ nginx的設置是否有助於

回答

0

我kernel.php

protected $middleware = [ 
    \Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode::class, 
    \App\Http\Middleware\Cors::class, 
]; 
修復了這個問題,加入我的CORS中間件全球中間件