Laraveljwt使用组外中间件
Laravel jwt uses middleware outside group
我试图在某些 api 调用中检查并刷新我的令牌,因此我创建了自己的中间件并将其添加到我的 Kernel.php $routeMiddleware 中。
然后我将其添加到我要检查的中间件组中,并在必要时刷新令牌。
但是,当我登录时,它也会调用此中间件,尽管登录调用不在中间件组内,因此我收到 500 错误:"The token could not be parsed from the request"。
我还注意到即使从组中间件中删除 'cors' 时也会调用中间件...
任何帮助将不胜感激!
这是中间件的代码:
class Cors
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
$response = $next($request);
try
{
if (! $user = JWTAuth::parseToken()->authenticate() )
{
return response()->json(['user_not_found'], 404);
}
}
catch (TokenExpiredException $e)
{
try
{
$refreshed = JWTAuth::refresh(JWTAuth::getToken());
$response->header('Authorization', 'Bearer ' . $refreshed);
}
catch (JWTException $e)
{
return response()->json(['couldnt refresh token'], 404);
}
$user = JWTAuth::setToken($refreshed)->toUser();
}
catch (JWTException $e)
{
return response()->json(['error trying to parse token'], 404);
}
Auth::login($user, false);
return $response;
}
}
这些是我的路线:
Route::group(['middleware' => ['api','jwt.auth', 'cors']], function() {
Route::get('logout', 'AuthController@logout');
Route::get('user', 'AuthController@getUser');
Route::get('movies/{page}', 'MovieController@index');
Route::get('movie/{id}', 'MovieController@getMovieByID');
Route::get('movies/search/{string}', 'MovieController@getMovieByTitleGenreDirector');
Route::get('movie/{id}/recommendations', 'MovieController@getMovieRecommendations');
});
糟糕,我好像忘了从 RouteServiceProvider.php
中删除 "cors"
protected function mapApiRoutes()
{
Route::prefix('api')
->middleware(['api', 'cors'])
->namespace($this->namespace)
->group(base_path('routes/api.php'));
}
现在可以按预期工作了。
我试图在某些 api 调用中检查并刷新我的令牌,因此我创建了自己的中间件并将其添加到我的 Kernel.php $routeMiddleware 中。 然后我将其添加到我要检查的中间件组中,并在必要时刷新令牌。 但是,当我登录时,它也会调用此中间件,尽管登录调用不在中间件组内,因此我收到 500 错误:"The token could not be parsed from the request"。 我还注意到即使从组中间件中删除 'cors' 时也会调用中间件... 任何帮助将不胜感激!
这是中间件的代码:
class Cors
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
$response = $next($request);
try
{
if (! $user = JWTAuth::parseToken()->authenticate() )
{
return response()->json(['user_not_found'], 404);
}
}
catch (TokenExpiredException $e)
{
try
{
$refreshed = JWTAuth::refresh(JWTAuth::getToken());
$response->header('Authorization', 'Bearer ' . $refreshed);
}
catch (JWTException $e)
{
return response()->json(['couldnt refresh token'], 404);
}
$user = JWTAuth::setToken($refreshed)->toUser();
}
catch (JWTException $e)
{
return response()->json(['error trying to parse token'], 404);
}
Auth::login($user, false);
return $response;
}
}
这些是我的路线:
Route::group(['middleware' => ['api','jwt.auth', 'cors']], function() {
Route::get('logout', 'AuthController@logout');
Route::get('user', 'AuthController@getUser');
Route::get('movies/{page}', 'MovieController@index');
Route::get('movie/{id}', 'MovieController@getMovieByID');
Route::get('movies/search/{string}', 'MovieController@getMovieByTitleGenreDirector');
Route::get('movie/{id}/recommendations', 'MovieController@getMovieRecommendations');
});
糟糕,我好像忘了从 RouteServiceProvider.php
中删除 "cors"protected function mapApiRoutes()
{
Route::prefix('api')
->middleware(['api', 'cors'])
->namespace($this->namespace)
->group(base_path('routes/api.php'));
}
现在可以按预期工作了。