Laravel Sanctum and SPA confusion - session regeneration issue

Posted on 2025-02-13 20:12:23

Ok, so very weird issue I have. I followed the sanctum documentation with authenticating SPA powered by Laravel API. I am using NuxtJS first-party SPA with Laravel 8 API.

Now when I made the call to the login endpoint after getting the CSRF token I am getting the following 500 error from Laravel.

{message: "Session store not set on request.", exception: "RuntimeException",…}
exception: "RuntimeException"
file: "/srv/app/vendor/laravel/framework/src/Illuminate/Http/Request.php"
line: 515
message: "Session store not set on request."
trace: [{file: "/srv/app/app/Http/Controllers/Api/V1/Auth/SanctumLoginController.php", line: 41,…},…]

This is the login controller

public function login(Login $request)
{
    if (Auth::attempt($request->toArray())) {
        $request->session()->regenerate();
        return $this->okResponse();
    }

    return $this->unauthorizedResponse();
}

And this line causes the error

$request->session()->regenerate();

Now these are my API middleware

'api' => [
    \Laravel\Sanctum\Http\Middleware\EnsureFrontendRequestsAreStateful::class,
    'throttle:api',
    \Illuminate\Routing\Middleware\SubstituteBindings::class,
],

To my understanding Sanctum is supposed to be a hybrid that allows using sessions to authenticate SPA with my Laravel API. This middleware on the top of the list is supposed to allow sessions but there is something wrong here obviously.

I also understand that I should leave my Login controller in the API routes.

It confuses me a bit. I found a post saying that I should add this \Illuminate\Session\Middleware\StartSession::class, to the middleware array in Kernel but the documentation doesn't say anything about it.

Could anyone explain to me what is up and if I understand all of that correctly?

Comments (1)

单身狗的梦 2025-02-20 20:12:23

config/sanctum.php

Check to see if localhost:8000 exists.

'stateful' => explode(',', env('SANCTUM_STATEFUL_DOMAINS', sprintf(
  '%s%s',
  'localhost,localhost:3000,127.0.0.1,127.0.0.1:8000,::1',
  env('APP_URL') ? ','.parse_url(env('APP_URL'), PHP_URL_HOST) : '',
))),

.env

# add this line
SANCTUM_STATEFUL_DOMAINS=localhost:8000

JS

Please send with csrf-token.

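import axios from 'axios';

const http = axios.create({
  baseURL: 'http://localhost:8000/api',
  withCredentials: true, // send and accept the session and XSRF-TOKEN cookies
});

// setUsers is defined elsewhere in the component (not shown here).
const getUsers = () => {
  http.get('/users').then((res) => {
    setUsers(res.data);
  });
};

// Methods except GET: fetch the CSRF cookie first, then send the request.
const postUser = (data) => {
  // By default Sanctum registers /sanctum/csrf-cookie outside the /api prefix;
  // an absolute URL keeps axios from prepending baseURL to it.
  return http.get('http://localhost:8000/sanctum/csrf-cookie').then(() => {
    return http.post('/user', data);
  });
};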
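
An added example, not part of the answer above and not Sanctum's own code: a simplified model of the check `EnsureFrontendRequestsAreStateful` applies before it attaches the session middleware, which is why a request whose `Referer`/`Origin` is not in the stateful list reaches the controller without a session. The function names, the prefix-match rule and the sample requests are assumptions constructed for illustration; compare with `fromFrontend()` in the installed Sanctum version.

```javascript
// Simplified model (an assumption, not Sanctum's source) of the decision
// EnsureFrontendRequestsAreStateful makes before it starts a session.

// Parse a SANCTUM_STATEFUL_DOMAINS value into host[:port] entries.
function parseStatefulDomains(envValue) {
  return envValue.split(',').map((d) => d.trim()).filter((d) => d.length > 0);
}

// True when the Referer (or, failing that, Origin) header points at a stateful
// domain. Only then does the request get cookie, session and CSRF middleware.
// `headers` is a plain object with lowercase keys (hypothetical input shape).
function isStatefulRequest(headers, statefulDomains) {
  const source = headers.referer || headers.origin;
  if (!source) return false; // curl, Postman, server-to-server calls
  let domain = source.replace(/^https?:\/\//, '');
  if (!domain.endsWith('/')) domain += '/';
  // Entries are compared as "host[:port]/" prefixes, so the port must match.
  return statefulDomains.some((entry) => domain.startsWith(entry + '/'));
}

// Report what the login controller on this page would run into.
function diagnose(headers, envValue) {
  return isStatefulRequest(headers, parseStatefulDomains(envValue))
    ? 'session started: $request->session()->regenerate() works'
    : 'no session: RuntimeException "Session store not set on request."';
}

// Constructed sample requests (not taken from the page).
const samples = [
  { name: 'SPA served from :8000, list = localhost:8000',
    headers: { referer: 'http://localhost:8000/login' }, env: 'localhost:8000' },
  { name: 'SPA served from :3000, list = localhost:8000',
    headers: { referer: 'http://localhost:3000/login' }, env: 'localhost:8000' },
  { name: 'SPA served from :3000, list = localhost (no port)',
    headers: { origin: 'http://localhost:3000' }, env: 'localhost' },
  { name: 'SPA served from :3000, list = localhost:8000,localhost:3000',
    headers: { origin: 'http://localhost:3000' }, env: 'localhost:8000, localhost:3000' },
  { name: 'API client without Referer/Origin',
    headers: {}, env: 'localhost:3000' },
];

for (const s of samples) {
  console.log(`${s.name} -> ${diagnose(s.headers, s.env)}`);
}
```

The entry that has to be present is the host and port the browser loads the SPA from, since that is what appears in `Referer` and `Origin`.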