vue.js - laravel axios cross-domain request cookie issue

Question

I created the subdomain routing api.service.dev under Laravel. I used passport for authentication and enabled CreateFreshApiToken.

The laravel_token can be obtained normally under the domain name

service.dev, and when requesting https://api.service.dev/user, it prompts 401 Unauthenticated.

Check that the request header does not contain the laravel_token created by CreateFreshApiToken This cookie

May I ask how to solve this problem?

Answer 1

1. Install barryvdh/laravel-cors

For the installation method, please go to https://github.com/barryvdh/l...

2. Configure cors.php

return [
    /*
     |--------------------------------------------------------------------------
     | Laravel CORS
     |--------------------------------------------------------------------------
     |
     | allowedOrigins, allowedHeaders and allowedMethods can be set to array('*')
     | to accept any value.
     |
     */
    'supportsCredentials' => true,
    'allowedOrigins' => ['*'],
    'allowedHeaders' => ['*'],
    'allowedMethods' => ['*'],
    'exposedHeaders' => [],
    'maxAge' => 0,
];

3. Configure the domain of the session

Add SESSION_DOMAIN=.xxx.com in the .env file. This is service.dev, so .service.dev should be filled in, so that all subdomains of service.dev can share cookies

4. Finally configure the front-end request

Add the following code to bootstrap.js

window.axios.defaults.withCredentials = true;

---

In this way, you can access the cross-domain API normally! ! !

Answer 2

Axios has no problem under chrome after configuring withCredentials = true.
But under IE, the server side also needs to configure the P3P response header. . . IE is so unique