好的,这是我的尝试。
如果我使用错误的令牌访问受保护的API,Passport会返回401和{"message":"Unauthenticated."}。
但是由于响应中不存在CORS标头,我的Vue应用程序会收到CORS错误,并且无法处理响应代码。
所以在Laravel 5.8的http/kernel.php $middlewarePriority中添加\Barryvdh\Cors\HandleCors::class在\App\Http\Middleware\Authenticate::class之前。
以下是我的代码:
Original Answer翻译成"最初的回答"
protected $middlewareGroups = [
'web' => [
\App\Http\Middleware\EncryptCookies::class,
\Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
\Illuminate\Session\Middleware\StartSession::class,
\Illuminate\View\Middleware\ShareErrorsFromSession::class,
\App\Http\Middleware\VerifyCsrfToken::class,
\Illuminate\Routing\Middleware\SubstituteBindings::class,
],
'api' => [
'throttle:300,1',
'Localization',
'bindings',
'cors'
],
];
protected $routeMiddleware = [
'auth' => \App\Http\Middleware\Authenticate::class,
'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
'bindings' => \Illuminate\Routing\Middleware\SubstituteBindings::class,
'cache.headers' => \Illuminate\Http\Middleware\SetCacheHeaders::class,
'can' => \Illuminate\Auth\Middleware\Authorize::class,
'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
'signed' => \Illuminate\Routing\Middleware\ValidateSignature::class,
'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
'verified' => \Illuminate\Auth\Middleware\EnsureEmailIsVerified::class,
'Localization' => \App\Http\Middleware\localization::class,
'cors' => \Barryvdh\Cors\HandleCors::class,
];
protected $middlewarePriority = [
\Illuminate\Session\Middleware\StartSession::class,
\Illuminate\View\Middleware\ShareErrorsFromSession::class,
\Barryvdh\Cors\HandleCors::class,
\App\Http\Middleware\Authenticate::class,
\Illuminate\Session\Middleware\AuthenticateSession::class,
\Illuminate\Routing\Middleware\SubstituteBindings::class,
\Illuminate\Auth\Middleware\Authorize::class,
];
"最初的回答" -> "原始答案"
希望这能帮助其他人。
'middleware' => [\Barryvdh\Cors\HandleCors::class]
? - num8er