抱歉,您的会话已过期。请刷新,然后重试。 -Laravel 5.8

时间:2019-09-06 00:06:48

标签: php laravel laravel-5 laravel-5.8

我创建了一条路线Route::post('/ddos/store','DdosController@store');

我还有一个控制器

public function store()
{

    dd("HERE");

    $ddos                = new Ddos;
    $ddos->ip            = $ip;
    $ddos->details       = $details;
    $ddoss->save();

    return $ddos;

}

我不断得到-通过邮递员发布测试帖子

我想从控制器中看到文本“ HERE”。

我做错了什么?

2 个答案:

答案 0 :(得分:4)

邮递员未在请求中发送CSRF令牌,并且您的路由位于web路由组下,该路由组应用了VerifyCsrfToken中间件

将路线移至api组或将其添加为例外

use Illuminate\Foundation\Http\Middleware\VerifyCsrfToken as Middleware;

class VerifyCsrfToken extends Middleware
{
    /**
     * Indicates whether the XSRF-TOKEN cookie should be set on the response.
     *
     * @var bool
     */
    protected $addHttpCookie = true;

    /**
     * The URIs that should be excluded from CSRF verification.
     *
     * @var array
     */
    protected $except = [
        'ddos/store'
    ];
}

答案 1 :(得分:2)

在执行public class TimerFragment extends DaggerFragment { @Inject @Named("applicationViewModelProvider") private ViewModelProvider appProvider; @Override public View onCreateView(@NonNull LayoutInflater inflater, ViewGroup container, Bundle savedInstanceState) { TimerViewModel timerViewModel = appProvider.get(TimerViewModel.class); //Observe timerViewModel.getTimeLiveData() and update Fragment } } 行之前执行了一个中间件。它称为CSRF Protection。您可以通过在public TimerViewModel extends ViewModel { private MutableLiveData<String> timeLiveData; //@Inject construtor public setTime(String time){ timeLiveData.setValue(time); } public LiveData<String> getTimeLiveData { return timeLiveData; } } 中添加这一行来排除它。

dd

如果您坚持要继续与邮递员发送csrf令牌,则可以创建测试用例并将其保存在环境变量中(我建议)。这个link可能会对您有所帮助。

相关问题
最新问题