正在处理需要通过后端API通过护照进行身份验证的Laravel应用程序。正在消耗某个API,该API需要在解析数据之前对用户进行身份验证。从前端代码解析令牌时,在浏览器的“网络”选项卡上出现“未经身份验证”错误,但是当我直接在邮递员上获得令牌时,它会通过。
我会丢失什么吗?
引发未经身份验证的错误的代码
public function global_Curl_Post($data , $url)
{
$server = env('API_ENDPOINT_NGINX_NAME') !== null ? env('API_ENDPOINT_NGINX_NAME') : 'https://digitalapps*****.example.com';
$accessToken = session('access_token');
$headers = ["Accept:application/json",
"Content-Type:application/json",
"Authorization:Bearer ".$accessToken
];
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, ($server.'/'.$url));
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
curl_setopt($ch, CURLOPT_POSTFIELDS, json_encode($data));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
$response = json_decode(curl_exec($ch));
dd($response);
curl_close($ch);
return $response;
}
当我登录邮递员并在下面的代码中复制access_token时,它将进行身份验证
public function global_Curl_Post($data , $url)
{
$server = env('API_ENDPOINT_NGINX_NAME') !== null ? env('API_ENDPOINT_NGINX_NAME') : 'https://digitalapps*****.example.com';
$accessToken = session('access_token');
//copy access_token from postman and paste directly
$headers = ["Accept:application/json",
"Content-Type:application/json",
"Authorization:Bearer "."yJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiI.............."
];
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, ($server.'/'.$url));
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
curl_setopt($ch, CURLOPT_POSTFIELDS, json_encode($data));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
$response = json_decode(curl_exec($ch));
dd($response);
curl_close($ch);
return $response;
}