在Laravel中设置授权标头

Question

我有一个laravel后端和一个关于react/redux的网站。我试图用superagent-bluebird-promis E要传递从我的前端特定的URL我的JWT令牌，但我不断收到

否“访问控制允许来源”标头出现在所请求的资源

错误。我已经看过每一篇文章，但无法弄清楚。 这里是我的前端代码：

import request from 'superagent-bluebird-promise' 
...... 
requestPromise= request.get(API_URL + action.url); 
     if(action.token) 
     requestPromise.set("Authorization","Bearer "+ action.token).withCredentials(); 

    requestPromise.query({ // add query (if get) 
     ...action.data, 
    }); 

在我laravel我有这样的.htaccess

<IfModule mod_rewrite.c> 
<IfModule mod_negotiation.c> 
    Options -MultiViews 
</IfModule> 

RewriteEngine On 

# Handle Authorization Header 
RewriteCond %{HTTP:Authorization} ^(.*) 
RewriteRule .* - [e=HTTP_AUTHORIZATION:%1] 

# Redirect Trailing Slashes If Not A Folder... 
RewriteCond %{REQUEST_FILENAME} !-d 
RewriteRule ^(.*)/$ /$1 [L,R=301] 

# Handle Front Controller... 
RewriteCond %{REQUEST_FILENAME} !-d 
RewriteCond %{REQUEST_FILENAME} !-f 
RewriteRule^index.php [L] 

，我也有一个CORS中间件，让这头，它从来没有得到到这里为此代码运行：

public function handle($request, Closure $next) 
{  
     $origin = 'https://mywebsite.com'; 


    return $next($request) 
     ->header('Access-Control-Allow-Origin', $origin) 
     ->header('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE, OPTIONS') 
     ->header('Access-Control-Allow-Headers','Authorization') 
     ->header('Access-Control-Allow-Credentials','true'); 
    ; 
} 

我也跑我的laravel我N A泊坞窗/ nginx的设置是否有助于

Answer 1

我kernel.php

protected $middleware = [ 
    \Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode::class, 
    \App\Http\Middleware\Cors::class, 
]; 

修复了这个问题，加入我的CORS中间件全球中间件