php - Laravel jwt 在组外使用中间件
问题描述
我正在尝试在某些 api 调用上检查和刷新我的令牌,因此我创建了自己的中间件并将其添加到我的 Kernel.php $routeMiddleware 中。然后我将它添加到我要检查的中间件组中,并在必要时刷新令牌。但是,当我登录时,虽然登录调用不在中间件组内,但它也会调用此中间件,因此我收到 500 错误:“无法从请求中解析令牌”。我还注意到,即使从组中间件中删除“cors”,中间件也会被调用......任何帮助将不胜感激!
这是中间件的代码:
class Cors
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
$response = $next($request);
try
{
if (! $user = JWTAuth::parseToken()->authenticate() )
{
return response()->json(['user_not_found'], 404);
}
}
catch (TokenExpiredException $e)
{
try
{
$refreshed = JWTAuth::refresh(JWTAuth::getToken());
$response->header('Authorization', 'Bearer ' . $refreshed);
}
catch (JWTException $e)
{
return response()->json(['couldnt refresh token'], 404);
}
$user = JWTAuth::setToken($refreshed)->toUser();
}
catch (JWTException $e)
{
return response()->json(['error trying to parse token'], 404);
}
Auth::login($user, false);
return $response;
}
}
这些是我的路线:
Route::group(['middleware' => ['api','jwt.auth', 'cors']], function() {
Route::get('logout', 'AuthController@logout');
Route::get('user', 'AuthController@getUser');
Route::get('movies/{page}', 'MovieController@index');
Route::get('movie/{id}', 'MovieController@getMovieByID');
Route::get('movies/search/{string}', 'MovieController@getMovieByTitleGenreDirector');
Route::get('movie/{id}/recommendations', 'MovieController@getMovieRecommendations');
});
解决方案
哎呀,好像我忘了从我的 RouteServiceProvider.php 中删除“cors”
protected function mapApiRoutes()
{
Route::prefix('api')
->middleware(['api', 'cors'])
->namespace($this->namespace)
->group(base_path('routes/api.php'));
}
它现在按预期工作。