将授权标头与 JWT Laravel 一起使用时获取 token_not_provided
我读了 这个教程,我设法让它完美地工作.唯一的问题是,当我从 ?token={token_here} 切换到 Authorization Bearer {token here} 时,它会停止工作.我正在使用 Postman,并且在 Header 字段中编写 Authorization 并在值中编写 Bearer{white space}{token} .我使用的库是 https://github.com/tymondesigns/jwt-auth
I read this tutorial and I managed to make it work perfectly. The only problem is that when I switch from ?token={token_here} to Authorization Bearer {token here} it stops working. I'm using Postman and I'm writing Authorization in the Header field and Bearer{white space}{token} in the value. The library I'm using is https://github.com/tymondesigns/jwt-auth
我在 Wiki 中阅读了有关 Apache 问题的信息,但我不确定这是否是我的情况.我用 PHP 函数 getallheaders() 诊断它.如果我死亡并转储该功能,则表明授权标头可用.我尝试了使用和不使用 .htaccess 修改.
I read in the Wiki about the Apache problem and I'm not sure if that's my case. I diagnosed it with PHP function getallheaders(). If I die and dump that function, it shows that the Authorization Header is available. I tried with and without the .htaccess modification.
.htaccess
<IfModule mod_rewrite.c>
<IfModule mod_negotiation.c>
Options -MultiViews
</IfModule>
RewriteEngine On
# RewriteCond %{HTTP:Authorization} ^(.)
# RewriteRule . - [e=HTTP_AUTHORIZATION:%1]
# Redirect Trailing Slashes If Not A Folder...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)/$ /$1 [L,R=301]
# Handle Front Controller...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ index.php [L]
</IfModule>
路由文件
dd(getallheaders()['Authorization']);
Route::group(['prefix' => 'api'], function() {
Route::post('login', 'AuthenticateController@email');
Route::group(['middleware' => ['jwt.auth', 'jwt.refresh']], function() {
Route::post('logout', 'AuthenticateController@logout');
Route::get('test', function() {
return response()->json(['foo' => 'bar']);
});
});
});
对我哪里出错有什么想法吗?
Any thoughts on where I'm going wrong?
提醒:如果我使用 http://localhost/projects/linus/public/api/test?token={token} 可以.
Reminder: if I use http://localhost/projects/linus/public/api/test?token={token} it works.
推荐答案
事实证明,问题在于 .htaccess 文件中的标头配置在两行中都缺少 *
.而不是
As it turns out, the problem was that the header configuration in the .htaccess file was missing a *
in both lines. Instead of
RewriteCond %{HTTP:Authorization} ^(.)
RewriteRule . - [e=HTTP_AUTHORIZATION:%1]
显示出来
RewriteCond %{HTTP:Authorization} ^(.*)
RewriteRule .* - [e=HTTP_AUTHORIZATION:%1]
特别感谢 James-Daddies.
相关文章