laravel 带有 jQuery Ajax 的 JWT 令牌
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/34031084/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
JWT token with jQuery Ajax
提问by Lee
I have an API being driven with Laravel, Dingo and JWT Tokens. Testing the API call with PAW works perfectly. Running the API calls with jQuery without middleware JWT Tokens disable works fine. But as soon as I try running an Ajax request with JWT Tokens Im getting a 401.
我有一个由 Laravel、Dingo 和 JWT 令牌驱动的 API。使用 PAW 测试 API 调用效果很好。在没有中间件 JWT 令牌禁用的情况下使用 jQuery 运行 API 调用可以正常工作。但是一旦我尝试使用 JWT 令牌运行 Ajax 请求,我就会收到 401。
Am I missing a trick with the Ajax Request. Can you see a problem with this code?
我是否错过了 Ajax 请求的技巧。你能看出这段代码有问题吗?
$.ajax({
url: "http://api.domain.app/products",
dataType : 'jsonp',
type: 'GET',
beforeSend : function(xhr) {
xhr.setRequestHeader("Accept", "application/json");
xhr.setRequestHeader("Content-Type", "application/json");
xhr.setRequestHeader("Authorization", "Bearer XXXX");
},
error : function() {
// error handler
},
success: function(data) {
console.log(data);
return data;
}
});
I am having to use jsonp due to Cross Domain. But again this is working fine turing off the JWT middleware.
由于跨域,我不得不使用 jsonp。但同样,这在关闭 JWT 中间件时运行良好。
Hope you can advise..
希望大家多多指教。。
回答by Lee
I removed the API from the subdomain and its working fine. It must have something to do with jsonp and JWT Tokens.
我从子域中删除了 API 并且它工作正常。它必须与 jsonp 和 JWT 令牌有关。
回答by StubbornShowaGuy
The HTTP status code 401 is for "Unauthorized", meaning authentication is required and has failed or has not yet been properly provided.
In this case, it is because it has not been properly provided. You are trying to provide it in the beforeSendparameter. beforeSendoffers you a chance to manipulate the XMLHttpRequestbefore it is sent, but the problem is, you are using JSONP. And JSONP since JSONP is just a <script>tag insertion trick, it does not use XMLHttpRequest, so manipulating it is pointless.
HTTP 状态代码 401 表示“未授权”,这意味着需要进行身份验证并且已失败或尚未正确提供。在这种情况下,这是因为它没有正确提供。您正试图在beforeSend参数中提供它。beforeSend为您提供XMLHttpRequest在发送之前对其进行操作的机会,但问题是,您使用的是 JSONP。而 JSONP 由于 JSONP 只是一个<script>标签插入技巧,它不使用XMLHttpRequest,所以操纵它是没有意义的。
Hereis a good explanation on exactly what JSONP is.
这是关于 JSONP 究竟是什么的一个很好的解释。
Your question was, "Can you see a problem with this code?", which I have answered above. What you probably want to ask though, is "How do I get the authorization issue to work with jQuery?". You say "I am having to use jsonp due to Cross Domain", and if you elaborate a bit more on the "due to Cross Domain", an answer leading to to a solution will be easier to produce. The answer in this issuemight solve your problems, but it's difficult to tell without more information.
你的问题是,“你能看出这段代码有问题吗?”,我在上面已经回答过。不过,您可能想问的是“我如何获得使用 jQuery 的授权问题?”。您说“由于跨域,我不得不使用 jsonp”,如果您详细说明“由于跨域”,则更容易生成解决方案的答案。 这个问题的答案可能会解决您的问题,但如果没有更多信息,就很难判断。
