CORS error in laravel when using jwt middleware.auth

Question

CORS error in laravel when using jwt middleware.auth

When I try to make an http Request inside my JWT middleware.auth I get:

:9000/#/dash / Product Type: 1 Access to XMLHttpRequest at ' https://api2.jcontrole.com.br/api/notificacoes/gerais ' from origin ' http://localhost:9000 ' has been blocked by CORS policy: Request header field token is not allowed by Access-Control-Allow-Headers in preflight response.

/ Framework / Laravel
| Framework version / 5.6
/ Package version/using "barryvdh/laravel-CORS": "^0.9.2", and "tymon / jwt-auth": "^0.5.12 "
/ PHP version / PHP 5.6.36 (cli) (built: Apr 25 2018 16:45:32)

I have these routes without jwt middleware:

<?php

use Illuminate\Http\Request;

Auth::routes();

//Route::post('login', 'UserController@acessarSistema'); 
Route::post('login', 'UserController@authenticate');

They work normally but when I try to make a request in a group that has the jwt.auth middleware I get cors error:

$this->group(['middleware' => 'jwt.auth', ['prefix' => 'api']], function() {

      Route::post('admin/tipo-produto', 'TipoProdutosController@create')->name('cadastrar_tipo_produto')->middleware('checarPermissaoTela');

})

I tried using the CORS package, added it in my middlewareGroups:

protected $middlewareGroups = [
    'web' => [
        \App\Http\Middleware\EncryptCookies::class,
        \Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
        \Illuminate\Session\Middleware\StartSession::class,
        // \Illuminate\Session\Middleware\AuthenticateSession::class,
        \Illuminate\View\Middleware\ShareErrorsFromSession::class,
        \App\Http\Middleware\VerifyCsrfToken::class,
        \Illuminate\Routing\Middleware\SubstituteBindings::class,
    ],

    'api' => [
        'throttle:60,1',
        'bindings',
        **\Barryvdh\Cors\HandleCors::class,**
    ],
];

My cors config in config / cors.php:

<?php

return [

    /*
    |--------------------------------------------------------------------------
    | Laravel CORS
    |--------------------------------------------------------------------------
    |
    | allowedOrigins, allowedHeaders and allowedMethods can be set to array('*')
    | to accept any value.
    |
    */

    'supportsCredentials' => false,
    'allowedOrigins' => ['*'],
    'allowedOriginsPatterns' => [],
    'allowedHeaders' => ['*'],
    'allowedMethods' => ['*'],
    'exposedHeaders' => [],
    'maxAge' => 0,

];

I also tried adding in public / index.php:

header('Access-Control-Allow-Origin: *');  
header('Access-Control-Allow-Methods: GET, PUT, POST, DELETE, OPTIONS');

1

laravel cors jwt

Author: veroneseComS, 2019-03-27

Source

1 answers

score 0 · Answer 1

Was resolved on the Apache server by changing the apache file.conf:

Header set Access-Control-Allow-Origin "*"

0

Author: veroneseComS, 2019-03-29 19:21:58