Have you looked into ApiGuard https://github.com/chrisbjr/api-guard). It encapsulates a lot of this token passing. You'll need to remove csrf middleware and replace with a custom Cors middleware:
<?php namespace App\Http\Middleware;
use Closure;
use Illuminate\Contracts\Routing\Middleware;
use Illuminate\Http\Response;
class Cors implements Middleware {
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
return $next($request)
->header('Access-Control-Allow-Methods', 'POST, GET, OPTIONS, PUT, DELETE')
->header('Access-Control-Allow-Headers', 'Content-Type, Accept, Authorization, X-Requested-With, X-Authorization, Access-Control-Allow-Origin')
->header('Access-Control-Allow-Credentials', 'true');
}
}
Sign in to participate in this thread!
The Laravel portal for problem solving, knowledge sharing and community building.
The community