mahmoud-birdsol/cors-laravel

Laravel 跨源资源共享包

维护者

详细信息

github.com/mahmoud-birdsol/cors-laravel

源代码

问题

安装: 566

依赖: 0

建议者: 0

安全性: 0

星标: 1

关注者: 1

分叉: 0

开放性问题: 0

dev-master 2016-08-08 16:58 UTC

Requires

MIT 7e7da4286628010092b4ad418bda675d83c18d4a

  • Mahmoud El-Mokhtar <mahmoud.woop@birdsol.com>

apicorslaravelCross Origin Resource Sharing

This package is auto-updated.

Last update: 2024-09-23 23:55:14 UTC

README

此包提供了一个中间件,允许在不同源之间进行资源共享,这对于使用 Laravel 进行 API 开发非常有用。此包仍在开发中,将添加更多选项

用法

通过 composer 安装此包

composer require mahmoud-birdsol/cors-laravel:dev-master

将服务提供者添加到 config/app.php 中的应用程序服务提供者

/*
* Other Service Providers...
*/
MahmoudBirdsol\CORSLaravel\CORSServiceProvider::class,

发布配置文件(cors.php)

php artisan vendor:publish --provider="MahmoudBirdsol\CORSLaravel\CORSServiceProvider"

将中间件添加到 API 路由组

'api' => [
    'throttle:60,1',
    MahmoudBirdsol\CORSLaravel\CORSMiddleware::class,
],

修改 config/cors.php 文件,所有选项都有合适的默认值,除了允许的源。

<?php
/*
|--------------------------------------------------------------------------
| CORS, Cross Origin Resource Sharing Config File
|--------------------------------------------------------------------------
|
*/
return [

    /*
    |--------------------------------------------------------------------------
    | Local environment
    |--------------------------------------------------------------------------
    |
    | This options will simple allow for requests without HTTP_ORIGIN to go
    | through if set to true an will abort with an unauthorized response
    | if false. Also note if the APP_ENV is not set to local in .env
    | file this option will be overridden by the .env file option.
    |
    */

    'local' => true,

    /*
    |--------------------------------------------------------------------------
    | Internal Requests
    |--------------------------------------------------------------------------
    |
    | Internal will simply allow for internal api requests the default is true
    | but change to false if you'r app is just an api layer. If set true it
    | will allow for dingo API internal requests other wise se to false.
    |
    */

    'internal' => true,
    
    /*
    |--------------------------------------------------------------------------
    | Allowed Origins
    |--------------------------------------------------------------------------
    |
    | These are the allowed origins to make requests to this application
    | you can add as many origins as your application requires to this
    | array each request will be validated through the middleware.
    |
    | To make all origins allowed just remove the array syntax
    | and add *
    |
    */

    'origins' => [

    ],

    /*
    |--------------------------------------------------------------------------
    | Access control allow credentials
    |--------------------------------------------------------------------------
    |
    | The credentials variable can be either true or false.
    |
    */
    'credentials' => true,

    /*
    |--------------------------------------------------------------------------
    | Allowed methods for a CORS request
    |--------------------------------------------------------------------------
    */
    'methods' => [
        'GET',
        'POST',
        'PATCH',
        'PUT',
        'DELETE',
        'OPTIONS'
    ],

    /*
    |--------------------------------------------------------------------------
    | Allowed headers for a CORS request
    |--------------------------------------------------------------------------
    */
    'headers' => [
        'Origin',
        'Content-Type',
        'X-Auth-Token',
        'X-Requested-With',
        'Authorization',
        'Accept',
    ]

];

就这么多

扩展用法

在大多数情况下,您可能希望从验证 CSRF 令牌的中间件中排除 API 路由,因此请将 API 前缀添加到中间件的 except 数组中

protected $except = [
    'api/*'
];

作为替代,您可以为您的高级路由创建不同的路由文件。首先创建路由文件 routes.api.php,然后转到 RouteServiceProvider.php 并添加此功能

/**
 * Define the "api" routes for the application.
 *
 * These routes receive the api route group middlewares.
 *
 * @param  \Illuminate\Routing\Router  $router
 * @return void
 */
protected function mapApiRoutes(Router $router)
{
    $router->group([
        'namespace' => $this->namespace, 'middleware' => 'api',
    ], function ($router) {
        require app_path('Http/routes.api.php');
    });
}

别忘了在 RouteServiceProvider.phpmap 函数中调用此函数

/**
 * Define the routes for the application.
 *
 * @param  \Illuminate\Routing\Router  $router
 * @return void
 */
public function map(Router $router)
{
    $this->mapWebRoutes($router);
    $this->mapApiRoutes($router);
}

用于与 [dingo api] (https://github.com/dingo/api) 的使用

config/api.php 中,将中间件添加到默认的 API 中间件列表中

/*
|--------------------------------------------------------------------------
| API Middleware
|--------------------------------------------------------------------------
|
| Middleware that will be applied globally to all API requests.
|
*/
'middleware' => [
    MahmoudBirdsol\CORSLaravel\CORSMiddleware::class,
],

许可协议

在 MIT 许可证下发布,请参阅 LICENSE。