问题:前后端分离,需要跨域请求,并且后端需要验证登录session。在axios中使用axios.defaults.withCredentials = true,每次session都会变。
laravel跨域解决方案:https://blog.csdn.net/u013091013/article/details/89879656
由于后端每次请求都要验证session,axios中使用axios.defaults.withCredentials = true时,response中的header不能设为Access-Control-Allow-Origin:*,这个时候后端就需要指定域名允许跨域。将Access-Control-Allow-Origin:*中的*改成你js所在服务器地址即可。
如果你想后端允许多域名跨域,可以将laravel中Cors改成这样
<?php
namespace App\Http\Middleware;
use Closure;
class Cors
{
/**
*
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
$origin = $request->server('HTTP_ORIGIN') ? $request->server('HTTP_ORIGIN') : '';
$allow_origin = [
'http://localhost:8080','http://localhost:8081',
];
if (in_array($origin, $allow_origin)) {
header('Access-Control-Allow-Origin: '.$origin);
header("Access-Control-Allow-Credentials: true");
header("Access-Control-Allow-Methods: *");
header("Access-Control-Allow-Headers: X-Requested-With,Content-Type,Access-Token");
header("Access-Control-Expose-Headers: *");
}
return $next($request);
}
}