Php Laravel Passport不处理网站';用户自己的API调用
我使用的是Php Laravel Passport不处理网站';用户自己的API调用,php,laravel,laravel-passport,Php,Laravel,Laravel Passport,我使用的是laravel5.4和AngularJS。我创建了api,这些api由我自己网站的AngularJS Ajax方法调用,也由移动应用程序和一些第三方应用程序调用 对于API身份验证我使用的是Laravel Passport~4.0,具有密码授权。每个人都可以使用API调用,但我无法使用Ajax调用从我的网站对API进行身份验证 根据,如果我在web中间件组中使用提供者\Laravel\Passport\Http\Middleware\CreateFreshApiToken::class
laravel5.4
和AngularJS
。我创建了api
,这些api由我自己网站的AngularJS Ajax
方法调用,也由移动应用程序和一些第三方应用程序调用
对于API身份验证
我使用的是Laravel Passport~4.0
,具有密码授权
。每个人都可以使用API
调用,但我无法使用Ajax
调用从我的网站对API
进行身份验证
根据,如果我在web
中间件组中使用提供者\Laravel\Passport\Http\Middleware\CreateFreshApiToken::class
,那么我不需要为我自己的API
调用设置授权头
,Laravel
将为我处理。(请参阅所提供链接中的第2段中的#使用JavaScript使用API)
请在下面查看我的代码实现:
config/app.php:
<?php
return [
'providers' => [
Laravel\Passport\PassportServiceProvider::class
]
];
<?php
namespace App\Models;
use Laravel\Passport\HasApiTokens;
use Illuminate\Notifications\Notifiable;
use Illuminate\Database\Eloquent\SoftDeletes;
use Illuminate\Foundation\Auth\User as Authenticatable;
use App\Traits\Encryptable;
class User extends Authenticatable
{
use HasApiTokens;
use SoftDeletes;
use Notifiable;
use Encryptable;
protected $table = 'users';
}
<?php
return [
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'api' => [
'driver' => 'passport',
'provider' => 'users',
],
],
];
对于返回html视图的请求/dashboard
页面,请求
和响应
如下所示:
General:
Request URL: http://local.something.com/dashboard
Request Method: GET
Status Code: 200 OK
Remote Address: 127.0.0.1:80
Referrer Policy: no-referrer-when-downgrade
Request Headers:
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9,gu;q=0.8
Cache-Control: max-age=0
Connection: keep-alive
Cookie: laravel_token=eyJpdiI6IjBxXC9zVUhmKzdZMDZqVVwvM0s2V1Y0QT09IiwidmFsdWUiOiJhMmNmOTBtTEZmZE16N0pDRmVDWURlZURVaHlhSUVaZ003TldrbjhmRmdFWmU2SENMTDVLbHdRMmNRK1dDazBGZnkwaER4QVR4b2doQzliWXVQSzBldU1hMWM0UTVycCtVOU9uMzlNa2IyR3gzektXS1FiQTJXd1dcL2xXeFpNZzNRZWJEVjdDRFZleklheVJsU0FSY1dlZEZQWm1lV3hHV0hHN3JwMSs4MncwTkhjN0RNd1hXVENrcGZFR29tMHZXdGxicks3a1J2TjRhNUlNalhiTG5oem1DVHpZWlRvaHIxQzZrY3pqNytNMEhxSkJwUkMxY0NsZmFBY2s5T0VDYzJGUW5MdEZqYm5Kc09vcDdLU1hWdkE9PSIsIm1hYyI6ImY5YzEyNTMxYzYxMTYyZjQ2OWJkZWU1NTkyYjkzYjQzM2Q4Y2NjMzkyMzk3ZDMzNTllNzQ5NGJmYzI4YmFhZDYifQ%3D%3D; XSRF-TOKEN=eyJpdiI6IlpOcllLTDRkYmsrbmRhTnF6NFQ0Z0E9PSIsInZhbHVlIjoiY2VES3d2VGhIcUlnczdOQmV4VzVISHpnUXRFS1lra2dHTXN5VmR0bEQweEVjejlFTFpRczNEdTNtSGRUdW1TS2IyTU01QVwvZCt2RVVmOHRHUUYrRzlBPT0iLCJtYWMiOiI5ZTZhMjE3ZGE2MTliNmNkMzg4ZTg5ODA0MTEyN2E4YTZhNTgxMWFhYWIwMTFhNTM5YWYzMjViMzMxOTkyNjU2In0%3D; laravel_session=eyJpdiI6IktlNUpPd0s2djRzQXlVakRuUkxUR3c9PSIsInZhbHVlIjoicVwvSmlLaVpWK2hKSytQcUU5WmJCdmJIR2ZPS2JnT1FKbWY2M0VLOVNzYlBcL3pJYnl6c1RrVWFVQVlHWUNodjgzdk92WStRVDl1cHEzUGtPRStMUmhPZz09IiwibWFjIjoiODg4YzhmYjQ0NzE2ZDI2MWY1YmU2MmJiYjUxZjk0NTA5MmNiY2ZkZDEwYjk0OTFjZTY0MTE5ODk0MjZmYjRkMSJ9
Host: local.something.com
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.2; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.139 Safari/537.36
Response Headers:
Access-Control-Allow-Headers: Authorization, Content-Type, mobile-app
Access-Control-Allow-Origin: *
Cache-Control: no-cache, private
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Mon, 07 May 2018 06:21:59 GMT
Keep-Alive: timeout=5, max=100
Server: Apache/2.4.23 (Win64) PHP/7.2.4
Set-Cookie: XSRF-TOKEN=eyJpdiI6IjVWbGlOekVib1QycWFHMTlVb01ENnc9PSIsInZhbHVlIjoibjQzNXFkME95MmMzekJ4cUNOSldpQXY4dE95YVlxV3dsMFNZc1hGZHQySk9lSE5MTXRiS1FJSVNiXC9cL0V4VEFQb1V0Qnl1V1FFb0RhM0Roa2xCVk9zZz09IiwibWFjIjoiMjJmZGRlNzU0MDBmNzA1MzdhYTRmMWNkMjM5YjBmYjU2YzMwOWM1OGFkNmMwYzQ3YTIwMTYzYzY1M2M5ZGZiMiJ9; expires=Mon, 07-May-2018 08:22:00 GMT; Max-Age=7200; path=/
Set-Cookie: laravel_session=eyJpdiI6InVPWUplcE1GZnVHNUYxXC9YMWl1UmtnPT0iLCJ2YWx1ZSI6IlQxUkpmVllhb0R2dkpiZDFWd0xlWXg5WGxjQTY5dFY2R3BjdGNvTVhoc1pORnE5b0ttMXhcL2NZbFErOVwvMnUwTDAwcFFLXC9ySzdaMkxSR1wva3NEMW1mUT09IiwibWFjIjoiNGYxYmM2NmNhMjE1NjliNGYzYmFiYTdhZmY2ZWY5NzM1MmI5ZjQ3ZTdlY2JjMDg5ODkxMWQwOTBiNjM2MDQzZSJ9; expires=Mon, 07-May-2018 08:22:00 GMT; Max-Age=7200; path=/; HttpOnly
Set-Cookie: laravel_token=eyJpdiI6ImYxdDB4SGpnWGptMnBNM3lWc2pvY0E9PSIsInZhbHVlIjoiRDZheEtEeHdPT2EyQWFuZ1NPOHcwSnRtUnZ3aW1jOVhxNGtBRnZQK01OakZaTmNIQ1JVMkJ4MGl3RjdhR0NzR0VVODlaWDNyTXVWOXpjS1lOOWNEeDh0OGxISnBWUnU4V0NwKzdheVN0bGJkSVk2dGNnYng3c1p1OGExVGFKejR1M2JjMGlSVzJ3WElEbEFlVTNUeVA1ODdTZXE5alBqWSs5aXV5UUlZVkRmSGppTm0zSnNZc2tEMEhzTEt2NEZ6K0t4eDI0WDdDUmJGYm44NGc4aXo4akxMRVFySmdZblwvMEtMZDJYVTFYU0pBVDY5RG9SdmhlaDF0REhONEpLNHNJbWppZWxrS1Nhd0ZjU2ZVazJqdCtBPT0iLCJtYWMiOiJkMmE1NTc4YTFhYTRlODFmOWY5YjllNmM1MDA4Nzg4ODg5Njg2NDI1Zjk3MzdkYmFlNzg2YzNkZjI3NzYzOWY0In0%3D; expires=Mon, 07-May-2018 08:22:00 GMT; Max-Age=7200; path=/; HttpOnly
Transfer-Encoding: chunked
X-Powered-By: PHP/7.2.4
使用Ajax
获取用户数据的API请求如下:
General:
Request URL: http://local.something.com/api/v1/user/3/data
Request Method: GET
Status Code: 401 Unauthorized
Remote Address: 127.0.0.1:80
Referrer Policy: no-referrer-when-downgrade
Request Headers:
accept: application/json
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9,gu;q=0.8
Connection: keep-alive
Cookie: laravel_token=eyJpdiI6ImYxdDB4SGpnWGptMnBNM3lWc2pvY0E9PSIsInZhbHVlIjoiRDZheEtEeHdPT2EyQWFuZ1NPOHcwSnRtUnZ3aW1jOVhxNGtBRnZQK01OakZaTmNIQ1JVMkJ4MGl3RjdhR0NzR0VVODlaWDNyTXVWOXpjS1lOOWNEeDh0OGxISnBWUnU4V0NwKzdheVN0bGJkSVk2dGNnYng3c1p1OGExVGFKejR1M2JjMGlSVzJ3WElEbEFlVTNUeVA1ODdTZXE5alBqWSs5aXV5UUlZVkRmSGppTm0zSnNZc2tEMEhzTEt2NEZ6K0t4eDI0WDdDUmJGYm44NGc4aXo4akxMRVFySmdZblwvMEtMZDJYVTFYU0pBVDY5RG9SdmhlaDF0REhONEpLNHNJbWppZWxrS1Nhd0ZjU2ZVazJqdCtBPT0iLCJtYWMiOiJkMmE1NTc4YTFhYTRlODFmOWY5YjllNmM1MDA4Nzg4ODg5Njg2NDI1Zjk3MzdkYmFlNzg2YzNkZjI3NzYzOWY0In0%3D; XSRF-TOKEN=eyJpdiI6IjVWbGlOekVib1QycWFHMTlVb01ENnc9PSIsInZhbHVlIjoibjQzNXFkME95MmMzekJ4cUNOSldpQXY4dE95YVlxV3dsMFNZc1hGZHQySk9lSE5MTXRiS1FJSVNiXC9cL0V4VEFQb1V0Qnl1V1FFb0RhM0Roa2xCVk9zZz09IiwibWFjIjoiMjJmZGRlNzU0MDBmNzA1MzdhYTRmMWNkMjM5YjBmYjU2YzMwOWM1OGFkNmMwYzQ3YTIwMTYzYzY1M2M5ZGZiMiJ9; laravel_session=eyJpdiI6InVPWUplcE1GZnVHNUYxXC9YMWl1UmtnPT0iLCJ2YWx1ZSI6IlQxUkpmVllhb0R2dkpiZDFWd0xlWXg5WGxjQTY5dFY2R3BjdGNvTVhoc1pORnE5b0ttMXhcL2NZbFErOVwvMnUwTDAwcFFLXC9ySzdaMkxSR1wva3NEMW1mUT09IiwibWFjIjoiNGYxYmM2NmNhMjE1NjliNGYzYmFiYTdhZmY2ZWY5NzM1MmI5ZjQ3ZTdlY2JjMDg5ODkxMWQwOTBiNjM2MDQzZSJ9
Host: local.something.com
Referer: http://local.something.com/dashboard
User-Agent: Mozilla/5.0 (Windows NT 6.2; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.139 Safari/537.36
X-Requested-With: XMLHttpRequest
X-XSRF-TOKEN: eyJpdiI6IjVWbGlOekVib1QycWFHMTlVb01ENnc9PSIsInZhbHVlIjoibjQzNXFkME95MmMzekJ4cUNOSldpQXY4dE95YVlxV3dsMFNZc1hGZHQySk9lSE5MTXRiS1FJSVNiXC9cL0V4VEFQb1V0Qnl1V1FFb0RhM0Roa2xCVk9zZz09IiwibWFjIjoiMjJmZGRlNzU0MDBmNzA1MzdhYTRmMWNkMjM5YjBmYjU2YzMwOWM1OGFkNmMwYzQ3YTIwMTYzYzY1M2M5ZGZiMiJ9
Response Headers:
Access-Control-Allow-Headers: Authorization, Content-Type, mobile-app
Access-Control-Allow-Origin: *
Cache-Control: no-cache, private
Connection: Keep-Alive
Content-Length: 12
Content-Type: text/html; charset=UTF-8
Date: Mon, 07 May 2018 06:22:00 GMT
Keep-Alive: timeout=5, max=100
Server: Apache/2.4.23 (Win64) PHP/7.2.4
Set-Cookie: laravel_session=eyJpdiI6Im82TGNRVms0aUtSNHNVbzdKZXZYb0E9PSIsInZhbHVlIjoiY1wvTmZXV3o0SVYyRmVoMzRheWNaRHBDV29jWmI2S3JvQjNBOEVjNHlsQkpKMWlRMWdYWlU1ckdnbTRIOVllSmZIOVpud01BTExtSURXNHdDdkZZMDNnPT0iLCJtYWMiOiIyMzc4YjczNTFmYmJlNDg3N2UxZDJlODg0NDFjNjEyZjhhYWM4YTk4MTMzZDk0NjUyY2ZkNjY0MTUzZWZjYjVlIn0%3D; expires=Mon, 07-May-2018 08:22:01 GMT; Max-Age=7200; path=/; HttpOnly
X-Powered-By: PHP/7.2.4
X-RateLimit-Limit: 300
X-RateLimit-Remaining: 299
这将返回未经授权的401
,我不知道为什么?问题在于API
调用,它是由我自己的web应用程序
仅使用Ajax
进行的。对于移动应用程序和第三方应用程序,我们使用了授权
标题,似乎一切正常。有人能告诉我我遗漏了什么或者如何修复吗?经过大量跟踪,我发现问题出在app/Http/Kernel.php
上。
在protected$middlewareGroups
中,在api
部分中添加了一些middleware
,如:
受保护的$middlewareGroups=[
“api”=>[
'油门:300,1',
\App\Http\Middleware\EncryptCookies::class,
\Illumb\Cookie\Middleware\AddQueuedCookiesToResponse::class,
\Illumb\Session\Middleware\StartSession::class,
“绑定”,
],
];
他们正在加密cookie,因此它返回了未经授权的401
。我删除了它们,如:
受保护的$middlewareGroups=[
“api”=>[
'油门:300,1',
“绑定”,
],
];
代码开始工作。如果您在组中指定api
中间件,会发生什么<代码>'middleware'=>['api',auth:api']
@DigitalDriver,它返回未经授权的for/dashboard页面。
<?php
header('Access-Control-Allow-Origin: *');
header('Access-Control-Allow-Headers: Authorization, Content-Type, mobile-app' );
header('Access-Control-Allow-Methods', '*');
Route::get('/',function(){
if(\Auth::check()){
return redirect('/dashboard');
}
return redirect('/login');
});
Route::group(['middleware' => array('auth')], function(){
//Some web routes here which returns html views
});
<?php
protected $middlewareGroups = [
'web' =>
\Laravel\Passport\Http\Middleware\CreateFreshApiToken::class,
],
];
function makeRequest(url, params, method) {
var requestUrl = '/' + url;
if(params != null){
var requestUrl = '/' + url+'?page=1';
}
angular.forEach(params, function(value, key){
requestUrl = requestUrl + '&' + key + '=' + value;
});
return $http({
'url': requestUrl,
'method': method,
'headers': {
'accept': 'application/json',
'X-Requested-With': 'XMLHttpRequest'
},
'cache': false
}).then(function(response){
return response.data;
}).catch(dataServiceError);
}
General:
Request URL: http://local.something.com/dashboard
Request Method: GET
Status Code: 200 OK
Remote Address: 127.0.0.1:80
Referrer Policy: no-referrer-when-downgrade
Request Headers:
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9,gu;q=0.8
Cache-Control: max-age=0
Connection: keep-alive
Cookie: laravel_token=eyJpdiI6IjBxXC9zVUhmKzdZMDZqVVwvM0s2V1Y0QT09IiwidmFsdWUiOiJhMmNmOTBtTEZmZE16N0pDRmVDWURlZURVaHlhSUVaZ003TldrbjhmRmdFWmU2SENMTDVLbHdRMmNRK1dDazBGZnkwaER4QVR4b2doQzliWXVQSzBldU1hMWM0UTVycCtVOU9uMzlNa2IyR3gzektXS1FiQTJXd1dcL2xXeFpNZzNRZWJEVjdDRFZleklheVJsU0FSY1dlZEZQWm1lV3hHV0hHN3JwMSs4MncwTkhjN0RNd1hXVENrcGZFR29tMHZXdGxicks3a1J2TjRhNUlNalhiTG5oem1DVHpZWlRvaHIxQzZrY3pqNytNMEhxSkJwUkMxY0NsZmFBY2s5T0VDYzJGUW5MdEZqYm5Kc09vcDdLU1hWdkE9PSIsIm1hYyI6ImY5YzEyNTMxYzYxMTYyZjQ2OWJkZWU1NTkyYjkzYjQzM2Q4Y2NjMzkyMzk3ZDMzNTllNzQ5NGJmYzI4YmFhZDYifQ%3D%3D; XSRF-TOKEN=eyJpdiI6IlpOcllLTDRkYmsrbmRhTnF6NFQ0Z0E9PSIsInZhbHVlIjoiY2VES3d2VGhIcUlnczdOQmV4VzVISHpnUXRFS1lra2dHTXN5VmR0bEQweEVjejlFTFpRczNEdTNtSGRUdW1TS2IyTU01QVwvZCt2RVVmOHRHUUYrRzlBPT0iLCJtYWMiOiI5ZTZhMjE3ZGE2MTliNmNkMzg4ZTg5ODA0MTEyN2E4YTZhNTgxMWFhYWIwMTFhNTM5YWYzMjViMzMxOTkyNjU2In0%3D; laravel_session=eyJpdiI6IktlNUpPd0s2djRzQXlVakRuUkxUR3c9PSIsInZhbHVlIjoicVwvSmlLaVpWK2hKSytQcUU5WmJCdmJIR2ZPS2JnT1FKbWY2M0VLOVNzYlBcL3pJYnl6c1RrVWFVQVlHWUNodjgzdk92WStRVDl1cHEzUGtPRStMUmhPZz09IiwibWFjIjoiODg4YzhmYjQ0NzE2ZDI2MWY1YmU2MmJiYjUxZjk0NTA5MmNiY2ZkZDEwYjk0OTFjZTY0MTE5ODk0MjZmYjRkMSJ9
Host: local.something.com
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.2; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.139 Safari/537.36
Response Headers:
Access-Control-Allow-Headers: Authorization, Content-Type, mobile-app
Access-Control-Allow-Origin: *
Cache-Control: no-cache, private
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Mon, 07 May 2018 06:21:59 GMT
Keep-Alive: timeout=5, max=100
Server: Apache/2.4.23 (Win64) PHP/7.2.4
Set-Cookie: XSRF-TOKEN=eyJpdiI6IjVWbGlOekVib1QycWFHMTlVb01ENnc9PSIsInZhbHVlIjoibjQzNXFkME95MmMzekJ4cUNOSldpQXY4dE95YVlxV3dsMFNZc1hGZHQySk9lSE5MTXRiS1FJSVNiXC9cL0V4VEFQb1V0Qnl1V1FFb0RhM0Roa2xCVk9zZz09IiwibWFjIjoiMjJmZGRlNzU0MDBmNzA1MzdhYTRmMWNkMjM5YjBmYjU2YzMwOWM1OGFkNmMwYzQ3YTIwMTYzYzY1M2M5ZGZiMiJ9; expires=Mon, 07-May-2018 08:22:00 GMT; Max-Age=7200; path=/
Set-Cookie: laravel_session=eyJpdiI6InVPWUplcE1GZnVHNUYxXC9YMWl1UmtnPT0iLCJ2YWx1ZSI6IlQxUkpmVllhb0R2dkpiZDFWd0xlWXg5WGxjQTY5dFY2R3BjdGNvTVhoc1pORnE5b0ttMXhcL2NZbFErOVwvMnUwTDAwcFFLXC9ySzdaMkxSR1wva3NEMW1mUT09IiwibWFjIjoiNGYxYmM2NmNhMjE1NjliNGYzYmFiYTdhZmY2ZWY5NzM1MmI5ZjQ3ZTdlY2JjMDg5ODkxMWQwOTBiNjM2MDQzZSJ9; expires=Mon, 07-May-2018 08:22:00 GMT; Max-Age=7200; path=/; HttpOnly
Set-Cookie: laravel_token=eyJpdiI6ImYxdDB4SGpnWGptMnBNM3lWc2pvY0E9PSIsInZhbHVlIjoiRDZheEtEeHdPT2EyQWFuZ1NPOHcwSnRtUnZ3aW1jOVhxNGtBRnZQK01OakZaTmNIQ1JVMkJ4MGl3RjdhR0NzR0VVODlaWDNyTXVWOXpjS1lOOWNEeDh0OGxISnBWUnU4V0NwKzdheVN0bGJkSVk2dGNnYng3c1p1OGExVGFKejR1M2JjMGlSVzJ3WElEbEFlVTNUeVA1ODdTZXE5alBqWSs5aXV5UUlZVkRmSGppTm0zSnNZc2tEMEhzTEt2NEZ6K0t4eDI0WDdDUmJGYm44NGc4aXo4akxMRVFySmdZblwvMEtMZDJYVTFYU0pBVDY5RG9SdmhlaDF0REhONEpLNHNJbWppZWxrS1Nhd0ZjU2ZVazJqdCtBPT0iLCJtYWMiOiJkMmE1NTc4YTFhYTRlODFmOWY5YjllNmM1MDA4Nzg4ODg5Njg2NDI1Zjk3MzdkYmFlNzg2YzNkZjI3NzYzOWY0In0%3D; expires=Mon, 07-May-2018 08:22:00 GMT; Max-Age=7200; path=/; HttpOnly
Transfer-Encoding: chunked
X-Powered-By: PHP/7.2.4
General:
Request URL: http://local.something.com/api/v1/user/3/data
Request Method: GET
Status Code: 401 Unauthorized
Remote Address: 127.0.0.1:80
Referrer Policy: no-referrer-when-downgrade
Request Headers:
accept: application/json
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9,gu;q=0.8
Connection: keep-alive
Cookie: laravel_token=eyJpdiI6ImYxdDB4SGpnWGptMnBNM3lWc2pvY0E9PSIsInZhbHVlIjoiRDZheEtEeHdPT2EyQWFuZ1NPOHcwSnRtUnZ3aW1jOVhxNGtBRnZQK01OakZaTmNIQ1JVMkJ4MGl3RjdhR0NzR0VVODlaWDNyTXVWOXpjS1lOOWNEeDh0OGxISnBWUnU4V0NwKzdheVN0bGJkSVk2dGNnYng3c1p1OGExVGFKejR1M2JjMGlSVzJ3WElEbEFlVTNUeVA1ODdTZXE5alBqWSs5aXV5UUlZVkRmSGppTm0zSnNZc2tEMEhzTEt2NEZ6K0t4eDI0WDdDUmJGYm44NGc4aXo4akxMRVFySmdZblwvMEtMZDJYVTFYU0pBVDY5RG9SdmhlaDF0REhONEpLNHNJbWppZWxrS1Nhd0ZjU2ZVazJqdCtBPT0iLCJtYWMiOiJkMmE1NTc4YTFhYTRlODFmOWY5YjllNmM1MDA4Nzg4ODg5Njg2NDI1Zjk3MzdkYmFlNzg2YzNkZjI3NzYzOWY0In0%3D; XSRF-TOKEN=eyJpdiI6IjVWbGlOekVib1QycWFHMTlVb01ENnc9PSIsInZhbHVlIjoibjQzNXFkME95MmMzekJ4cUNOSldpQXY4dE95YVlxV3dsMFNZc1hGZHQySk9lSE5MTXRiS1FJSVNiXC9cL0V4VEFQb1V0Qnl1V1FFb0RhM0Roa2xCVk9zZz09IiwibWFjIjoiMjJmZGRlNzU0MDBmNzA1MzdhYTRmMWNkMjM5YjBmYjU2YzMwOWM1OGFkNmMwYzQ3YTIwMTYzYzY1M2M5ZGZiMiJ9; laravel_session=eyJpdiI6InVPWUplcE1GZnVHNUYxXC9YMWl1UmtnPT0iLCJ2YWx1ZSI6IlQxUkpmVllhb0R2dkpiZDFWd0xlWXg5WGxjQTY5dFY2R3BjdGNvTVhoc1pORnE5b0ttMXhcL2NZbFErOVwvMnUwTDAwcFFLXC9ySzdaMkxSR1wva3NEMW1mUT09IiwibWFjIjoiNGYxYmM2NmNhMjE1NjliNGYzYmFiYTdhZmY2ZWY5NzM1MmI5ZjQ3ZTdlY2JjMDg5ODkxMWQwOTBiNjM2MDQzZSJ9
Host: local.something.com
Referer: http://local.something.com/dashboard
User-Agent: Mozilla/5.0 (Windows NT 6.2; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.139 Safari/537.36
X-Requested-With: XMLHttpRequest
X-XSRF-TOKEN: eyJpdiI6IjVWbGlOekVib1QycWFHMTlVb01ENnc9PSIsInZhbHVlIjoibjQzNXFkME95MmMzekJ4cUNOSldpQXY4dE95YVlxV3dsMFNZc1hGZHQySk9lSE5MTXRiS1FJSVNiXC9cL0V4VEFQb1V0Qnl1V1FFb0RhM0Roa2xCVk9zZz09IiwibWFjIjoiMjJmZGRlNzU0MDBmNzA1MzdhYTRmMWNkMjM5YjBmYjU2YzMwOWM1OGFkNmMwYzQ3YTIwMTYzYzY1M2M5ZGZiMiJ9
Response Headers:
Access-Control-Allow-Headers: Authorization, Content-Type, mobile-app
Access-Control-Allow-Origin: *
Cache-Control: no-cache, private
Connection: Keep-Alive
Content-Length: 12
Content-Type: text/html; charset=UTF-8
Date: Mon, 07 May 2018 06:22:00 GMT
Keep-Alive: timeout=5, max=100
Server: Apache/2.4.23 (Win64) PHP/7.2.4
Set-Cookie: laravel_session=eyJpdiI6Im82TGNRVms0aUtSNHNVbzdKZXZYb0E9PSIsInZhbHVlIjoiY1wvTmZXV3o0SVYyRmVoMzRheWNaRHBDV29jWmI2S3JvQjNBOEVjNHlsQkpKMWlRMWdYWlU1ckdnbTRIOVllSmZIOVpud01BTExtSURXNHdDdkZZMDNnPT0iLCJtYWMiOiIyMzc4YjczNTFmYmJlNDg3N2UxZDJlODg0NDFjNjEyZjhhYWM4YTk4MTMzZDk0NjUyY2ZkNjY0MTUzZWZjYjVlIn0%3D; expires=Mon, 07-May-2018 08:22:01 GMT; Max-Age=7200; path=/; HttpOnly
X-Powered-By: PHP/7.2.4
X-RateLimit-Limit: 300
X-RateLimit-Remaining: 299