我有两条资源路由,都在模型上调用了store方法。
Route::resource(/calls, 'CallController'); <--- Inside routes/web.php
Route::resource(/v1/calls, 'CallController'); <--- Inside routes/api.php
当我发布到https://example.com/calls时,该模型已正确保存到数据库中,并返回了适当的响应。
当我发布到https://example.com/api/v1/calls时,得到201响应并返回登录屏幕。
为什么我会收到两种不同的答复?起初我以为可能是CRSF令牌,但我使用的是Laravel 5.6。据我所知,这些路由都没有经过任何身份验证。
我未使用API附加了成功调用的请求标头
:authority: example.com
:method: POST
:path: /calls
:scheme: https
accept: application/json, text/javascript, */*; q=0.01
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cache-control: no-cache
content-length: 214
content-type: application/x-www-form-urlencoded; charset=UTF-8
cookie: XSRF-TOKEN=eyJpdiI6IkZlRzFxSERKbVplWFNrdEhaSUJyN3c9PSIsInZhbHVlIjoiaHRab3o4b2Q3d3h4WVNFNnRUYmw2Qm5yN0gwczJ6eDR6aFFIXC9wNmVvTzFvckE2Wks5djRjcjJDTkttRDd6VHB4V1IzK3Z4RldTZkF4Vkl2WlNLdmpBPT0iLCJtYWMiOiJiYTJlZjY1ZWM4MWNjYmIyZjllMTMyNjkzMWY5YzU1YzhlMDUxMjU0MmI0YWQ5ZDMyZmQ3ZjZiY2NlZjA5MDQ5In0%3D; test_session=eyJpdiI6ImgwbG1wd0U2N3gxN1djNURCY3JNdUE9PSIsInZhbHVlIjoiYWF1c3JJXC9MZ0ZJVjhoSDNQS0ZtbGlGXC91UkZXeEZOenE2MVJTQXlUZFFwZVlPUHNKS3pieEtmc2hFM3EzNnB6SFVLVHZUQVlGTEdub1wvaXBhVmhncHc9PSIsIm1hYyI6ImQzOGYwMWIxZGM2ODM1NjZhYjAyMjdiNGM4YjI2NDA3NTY3YzVlNzc3YWMyNjIwOTY3YTlkNTY0YWI0YTk3MTkifQ%3D%3D
origin: https://example.com
pragma: no-cache
referer: https://example.com/web
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.84 Safari/537.36
x-csrf-token: OyGKA35SMQJINoANVje94osmQOSNQAZT7MCx4LQA
x-requested-with: XMLHttpRequest
答案 0 :(得分:3)
您需要在API请求中添加以下标头:
Accept: application/json // <-- this indicates how you'd like to receive the response
/** and optionally: */
Content-type: application/json // <-- this indicates the data format that you are sending
这将告诉Laravel使用api保护,因为默认情况下Laravel使用web。