Nuxt 3 使用 useFetch 发送 POST 请求时出现 419 未知状态错误。

huangapple go评论74阅读模式
英文:

Nuxt 3 useFetch POST request send a 419 unknown status error

问题

I develop a web app with NuxtJS and Laravel.

当我使用 useFetch 发送 POST 请求时,我收到一个 419 错误,没有更多信息(它是一个未知的状态)。

I launch sanctum/csrf-cookie request, and keep token in variable :

var token;

await useFetch("http://localhost:8000/sanctum/csrf-cookie",
    {
        method: "GET",
        mode: "cors",
        credentials: "include"
    }
).then(() => {
    token = document.cookie
                    .split("; ")
                    .find((row) => row.startsWith("XSRF-TOKEN"))
                    ?.split("=")[1];
});

我发起以下请求:

await useFetch(
    'http://localhost:8000/login',
    {
        method: "POST",
        headers:{
            'Accept': 'application/json',
            'X-XSRF-TOKEN': token,
        },
        body:{
            "email": "ukeeling@example.org",
            "password": "password",
        },
        mode: 'cors',
        credentials: "include"
    }
).then(loginResponse => {
    console.log("login", loginResponse.data);
});

This is my route in web.php :

Route::post('login', function(Request $request){
     return "Log In";
};

这是我的 cors.php 配置文件:

'paths' => ['api/*', 'sanctum/csrf-cookie', 'login', 'logout',],

'allowed_methods' => ['*'],

'allowed_origins' => ['http://localhost:3000', 'http://localhost:8000', 'http://127.0.0.1:3000', 'http://127.0.0.1:8000'],

'allowed_origins_patterns' => [],

'allowed_headers' => ['*'],

'exposed_headers' => [],

'max_age' => 0,

'supports_credentials' => true,

GET 请求有效,但 POST 请求无效。如果我将 "/login" 路由添加到 VerifyCsrfToken 的 $except 属性中,登录的 POST 请求有效。而且,所有路由在 Postman 上都有效。

我是否漏掉了什么?

英文:

I develop a web app with NuxtJS and Laravel.

When I send a POST request with useFetch, I have a 419 error, and no more information (it is an unknown status).

I launch sanctum/csrf-cookie request, and keep token in variable :

var token;

await useFetch("http://localhost:8000/sanctum/csrf-cookie",
    {
        method: "GET",
        mode: "cors",
        credentials: "include"
    }
).then(() => {
    token = document.cookie
                    .split("; ")
                    .find((row) => row.startsWith("XSRF-TOKEN"))
                    ?.split("=")[1];
});

And I launch

await useFetch(
    'http://localhost:8000/login',
    {
        method:"POST",
        headers:{
            'Accept': 'application/json',
            'X-XSRF-TOKEN': token,
        },
        body:{
            "email": "ukeeling@example.org",
            "password": "password",
        },
        mode: 'cors',
        credentials: "include"
    }
).then(loginResponse => {
    console.log("login", loginResponse.data);
});

This is my route in web.php :

Route::post('login', function(Request $request){
     return "Log In";
};

this is my cors.php config file :

'paths' => ['api/*', 'sanctum/csrf-cookie', 'login', 'logout',],

'allowed_methods' => ['*'],

'allowed_origins' => ['http://localhost:3000', 'http://localhost:8000', 'http://127.0.0.1:3000', 'http://127.0.0.1:8000'],

'allowed_origins_patterns' => [],

'allowed_headers' => ['*'],

'exposed_headers' => [],

'max_age' => 0,

'supports_credentials' => true,

GET request works but not POST.
And, if I add "/login" route in $except attribute in VerifyCsrfToken, the login POST request works.
And, all route work on Postman.

I miss something ?

答案1

得分: 1

我找到答案!

我比较由Laravel发送的CSRF令牌与document.cookie中检索到的令牌。
当我阅读它时,它们看起来很相似,但我将它们放在一个新的文档(在VSCode中)中,逐字逐字地突出显示。
有一个字母无法识别为相同的。

因此,Laravel不会将我的令牌与其令牌匹配,因为它们不同。

要解决这个问题,我执行以下操作:

token = decodeURIComponent(token);

然后它就有效了!

英文:

I find the answer !

I compare CSRF token send by Laravel and the retrieved token with the document.cookie.
They are similar when I read it, but I put their in a new document (in VSCode) and I highlight letter by letter.
There is a letter not recognize as same.

So, Laravel doesn't match my token with his token, because there are different.

To resolve it, I do :

token = decodeURIComponent(token);

And it works !

huangapple
  • 本文由 发表于 2023年3月1日 09:45:23
  • 转载请务必保留本文链接:https://go.coder-hub.com/75598881.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定