如何将 Postman 用于 Laravel $_POST 请求
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/35137768/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
How to use Postman for Laravel $_POST request
提问by MisterCat
How can I try sending a post request to a Laravel app with Postman?
如何尝试使用 Postman 向 Laravel 应用程序发送发布请求?
Normally Laravel has a csrf_tokenthat we have to pass with a POST/PUT request. How can I get and send this value in Postman? Is it even possible without turning offthe CSRF protection?
通常 Laravel 有一个csrf_token我们必须通过 POST/PUT 请求传递。如何在 Postman 中获取和发送此值?甚至可以不关闭CSRF保护吗?
回答by Bj?rn
Edit:
编辑:
Ah wait, I misread the question. You want to do it without turning off the CSRF protection? Like Bharat Geleda said: You can make a route that returns only the token and manually copy it in a _tokenfield in postman.
啊等等,我误读了这个问题。您想在不关闭 CSRF 保护的情况下执行此操作吗?就像 Bharat Geleda 所说:您可以创建一条仅返回令牌的路由,并_token在邮递员的字段中手动复制它。
But I would recommend excluding your api calls from the CSRF protection like below, and addin some sort of API authentication later.
但我建议像下面这样从 CSRF 保护中排除您的 api 调用,并在稍后添加某种 API 身份验证。
Which version of laravel are you running?
你运行的是哪个版本的laravel?
Laravel 5.2 and up:
Laravel 5.2 及更高版本:
Since 5.2 the CSRF token is only required on routes with webmiddleware. So put your api routes outside the group with webmiddleware.
从 5.2 开始,只有在带有web中间件的路由上才需要 CSRF 令牌。因此,将您的 api 路由放在带有web中间件的组之外。
See the "The Default Routes File" heading in the documentationfor more info.
有关详细信息,请参阅文档中的“默认路由文件”标题。
Laravel 5.1 and 5.2:
Laravel 5.1 和 5.2:
You can exclude routes which should not have CSRF protection in the VerifyCsrfTokenmiddleware like this:
您可以VerifyCsrfToken像这样在中间件中排除不应具有 CSRF 保护的路由:
class VerifyCsrfToken extends BaseVerifier
{
/**
* The URIs that should be excluded from CSRF verification.
*
* @var array
*/
protected $except = [
'api/*',
];
}
See the "Excluding URIs From CSRF Protection" heading documentationfor more info.
有关更多信息,请参阅“从 CSRF 保护中排除 URI”标题文档。
回答by Brian Fegter
If you store your sessions in Cookies, you can grab the Cookie from an auth request in Developer Tools.
如果您将会话存储在 Cookie 中,则可以从开发人员工具中的身份验证请求中获取 Cookie。
Copy and paste that Cookie in the Header of your POSTMAN or Paw requests.
将该 Cookie 复制并粘贴到您的 POSTMAN 或 Paw 请求的标题中。
This approach allows you to limit your API testing to your current session.
这种方法允许您将 API 测试限制为当前会话。
回答by james.s
1.You can create a new route to show the csrf token using your controller with help of the function below. (Use a Get request on the route)
1.您可以在以下功能的帮助下使用您的控制器创建一个新路由来显示 csrf 令牌。(在路由上使用 Get 请求)
public function showToken {
echo csrf_token();
}
2.Select the Body tab on postman and then choose x-www-form-urlencoded.
3.Copy the token and paste in postman as the value of the key named _token.
4.Execute your post request on your URL/Endpoint
2.选择邮递员的正文选项卡,然后选择x-www-form-urlencoded。
3.复制token并粘贴到postman中作为名为_token的key的值。
4.在您的 URL/端点上执行您的发布请求
回答by guddu kumar
In laravel, 5.3. Go to app/Http/Kernel.phpfind middlewareGroupsthen comment VerifyCsrfToken. Because it executes all middleware before service your request.
在 Laravel 中,5.3。去app/Http/Kernel.php查找middlewareGroups然后评论VerifyCsrfToken。因为它在服务您的请求之前执行所有中间件。
protected $middlewareGroups = [
'web' => [
\App\Http\Middleware\EncryptCookies::class,
\Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
\Illuminate\Session\Middleware\StartSession::class,
\Illuminate\View\Middleware\ShareErrorsFromSession::class,
***// \App\Http\Middleware\VerifyCsrfToken::class,***
\Illuminate\Routing\Middleware\SubstituteBindings::class,
],
'api' => [
'throttle:60,1',
'bindings',
],
];
