1. 首頁
  2. 問答
  3. Laravel護照與Dropzonejs

Laravel護照與Dropzonejs

2017-03-15 93 views
7

我正在開發一個運行Laravel Passport的API層的項目。我已經將createFreshApiToken添加到我的應用程序中,並且我所有的jQuery ajax請求都可以正常工作。Laravel護照與Dropzonejs

今天我整合了DropzoneJS,當我嘗試上傳文件時,它得到了401未授權的文件。我檢查了請求標頭,並在Cookie標頭中設置了laravel_token。

當請求標頭中包含laravel_token時,會導致Laravel Passport發出401未經授權的響應?

General 
Request URL:http://api.ryno.dev/api/post/photo 
Request Method:POST 
Status Code:401 Unauthorized 
Remote Address:127.0.0.1:80 

Response Headers 
Cache-Control:no-cache 
Connection:Keep-Alive 
Content-Length:28 
Content-Type:application/json 
Date:Wed, 15 Mar 2017 16:36:27 GMT 
Keep-Alive:timeout=5, max=100 
Server:Apache/2.2.31 (Unix) mod_wsgi/3.5 Python/2.7.12 PHP/7.0.12 mod_ssl/2.2.31 OpenSSL/1.0.2j DAV/2 mod_fastcgi/2.4.6 mod_perl/2.0.9 Perl/v5.24.0 
X-Powered-By:PHP/7.0.12 
X-RateLimit-Limit:60 
X-RateLimit-Remaining:59 


Request Headers 
Accept:application/json 
Accept-Encoding:gzip, deflate 
Accept-Language:en-US,en;q=0.8 
api-version:1 
Cache-Control:no-cache 
Connection:keep-alive 
Content-Length:4802 
Content-Type:multipart/form-data; boundary=---- WebKitFormBoundaryEqAfOqBqekRWHC6B 
Cookie:laravel_token=eyJpdiI6InJzRG5SNkVmYW1GMDJmd3pPTUhnWmc9PSIsInZhbHVlIjoiUk1iU01XVm9Ydytyb3NXUDlEVngwUnlGUXNhSkdvcFFpaXhwNSt6XC9XXC9TOHlcL3MxWjl2MkVxU1NCNjV6bmNka2w3dlNlTmJrRXVTVkVhQnZOd1dwZTRpaXdscll1WHVsUm1CMHBkbVdiNVprZXZmT2pRaTdySjRXRzhWY1FGV25JNm5qXC9TNzV6dEJzKzlsclZwRDVMczF6TVduODJIa0s1MVNQSXRMc2dteWtuU1lpdGJUQVJRS3BlS2E5dmd2Vlg2QXJzMldHQUM2Uk15RldUWnF4bXlcL1AzNTgwc1Q3YWpTVWIyVHYrYjN5QllzNGt3TDJcL1VsYmt6UFpudDVFaTdpK2JMZ01RcTRcL2lySUFRQ1hxaXF3PT0iLCJtYWMiOiJmODZiMzg1M2QyYjNlYmUwZWI2NWI3OWY0OTZjMDIxNjYwYjc3MGQxZGZjYzg2ZmQ1M2FjMTA1NDRiODAwZWVmIn0%3D; XSRF-TOKEN=eyJpdiI6IlNha2syNGFldngrM2FZUU9ZeEpNWUE9PSIsInZhbHVlIjoiVEM1RllaaGl1XC9UUWg4b2RuVkNlcnhod1EzXC9xSG9SN0w2dEZiV3RKbDJwQXdTeWtZS0pMODBEOFJvM1V1emNZdEJmOGJISFwvUjNkd2pBK2NXcTRlM2c9PSIsIm1hYyI6IjljMjg0MTI2NDFmNmYzNGU2ZmJiMWE4ODg3OGE4NWVmNmVhYzc5YzI4ZmNkYTRjZDI2M2Y1YWYwZjIzNzc2NGIifQ%3D%3D; laravel_session=eyJpdiI6IjBzRHhqcWRPdmdleVhlcURuOG4rYVE9PSIsInZhbHVlIjoiTkYzOHpiQ2dyY2tHSmV2Znl4RUpiNWdHZVBMaVJNaEI5YWdOcXVRRzdsSEZqMFp5cXFWOVBjYjBobmxLSXhJUFBab1JRbTZxUVhkekZVNjY3OUVkYmc9PSIsIm1hYyI6ImIxNjA0Y2E1NDdjNDc5YzA4NGYxNTgyMTNiMjdiY2RlODg0MzFjMDQ3N2ZjMTZiNDlmN2Q5Zjg3NWU0YTc1NWEifQ%3D%3D 
Host:api.ryno.dev 
Origin:http://api.ryno.dev 
Pragma:no-cache 
Referer:http://api.ryno.dev/post 
User-Agent:Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 
X-Requested-With:XMLHttpRequest 


Request Payload 
------WebKitFormBoundaryEqAfOqBqekRWHC6B 
Content-Disposition: form-data; name="file";  filename="10690061_724847794275121_4784866042446245380_n.jpg" 
Content-Type: image/jpeg 


------WebKitFormBoundaryEqAfOqBqekRWHC6B--

來源

2017-03-15 Joseph Crawford

回答

0

按照Laravel文檔的JavaScript API認證:

如果您使用的是不同的JavaScript框架,你應該 確保它被配置爲發送X-CSRF-TOKEN和X - 需要 - 帶有每個傳出請求的 標題。

我看到您的POST請求中缺少X-CSRF-TOKEN。你可以嘗試添加,看看它是否工作。

來源

2017-03-29 06:14:11

+0

我確實已經將它添加到jQuery的每個ajax請求中了,也許我需要設置Dropzone的特定內容? –

+0

你可以嘗試添加令牌作爲formData的一部分,如下所示:function(file,xhr,formData){formData.append(「_ token」,「{{csrf_token()}}」); }, –

0

即使您在元標題下添加csrf_token()。它的標記不會被dropzone js識別。 而不是手動添加它爲dropzone。

<input type="hidden" class="leads_token" value="{{ csrf_token() }}"> 

Dropzone.options.dropzoneBox = { 
    url: APP_URL + "yourpath", 
    params: { 
     _token: $('.leads_token').val() 
    }, 
}

來源

2017-05-03 14:14:57

相關問題

 相關問題