将授权标头与 JWT Laravel 一起使用时获取 token_not_provided

2022-01-10 00:00:00 jwt php laravel laravel-5.1

我读了 这个教程,我设法让它完美地工作.唯一的问题是,当我从 ?token={token_here} 切换到 Authorization Bearer {token here} 时,它会停止工作.我正在使用 Postman,并且在 Header 字段中编写 Authorization 并在值中编写 Bearer{white space}{token} .我使用的库是 https://github.com/tymondesigns/jwt-auth

I read this tutorial and I managed to make it work perfectly. The only problem is that when I switch from ?token={token_here} to Authorization Bearer {token here} it stops working. I'm using Postman and I'm writing Authorization in the Header field and Bearer{white space}{token} in the value. The library I'm using is https://github.com/tymondesigns/jwt-auth

我在 Wiki 中阅读了有关 Apache 问题的信息,但我不确定这是否是我的情况.我用 PHP 函数 getallheaders() 诊断它.如果我死亡并转储该功能,则表明授权标头可用.我尝试了使用和不使用 .htaccess 修改.

I read in the Wiki about the Apache problem and I'm not sure if that's my case. I diagnosed it with PHP function getallheaders(). If I die and dump that function, it shows that the Authorization Header is available. I tried with and without the .htaccess modification.

.htaccess

<IfModule mod_rewrite.c>
    <IfModule mod_negotiation.c>
        Options -MultiViews
    </IfModule>

    RewriteEngine On

#    RewriteCond %{HTTP:Authorization} ^(.)
#    RewriteRule . - [e=HTTP_AUTHORIZATION:%1]

    # Redirect Trailing Slashes If Not A Folder...
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule ^(.*)/$ /$1 [L,R=301]

    # Handle Front Controller...
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteRule ^ index.php [L]    
</IfModule>

路由文件

dd(getallheaders()['Authorization']);
Route::group(['prefix' => 'api'], function() {

    Route::post('login', 'AuthenticateController@email');

    Route::group(['middleware' => ['jwt.auth', 'jwt.refresh']], function() {
        Route::post('logout', 'AuthenticateController@logout');

        Route::get('test', function() {
            return response()->json(['foo' => 'bar']);
        });
    });
});

对我哪里出错有什么想法吗?

Any thoughts on where I'm going wrong?

提醒:如果我使用 http://localhost/projects/linus/public/api/test?token={token} 可以.

Reminder: if I use http://localhost/projects/linus/public/api/test?token={token} it works.

推荐答案

事实证明,问题在于 .htaccess 文件中的标头配置在两行中都缺少 *.而不是

As it turns out, the problem was that the header configuration in the .htaccess file was missing a * in both lines. Instead of

RewriteCond %{HTTP:Authorization} ^(.)
RewriteRule . - [e=HTTP_AUTHORIZATION:%1]

显示出来

RewriteCond %{HTTP:Authorization} ^(.*)
RewriteRule .* - [e=HTTP_AUTHORIZATION:%1]

特别感谢 James-Daddies.

相关文章