Laravel 获取请求头

Question

I am using POSTMAN to send a GET request into the api with a header containing Authorization.

I know the data header works because if it doesn't the route returns a 401 error.

I wanted to get the Authorization header like so:

$access_token = Request::header('Authorization');

But noticed that it returns NULL.

So I tried to catch the values with:

die(var_dump(Request::header()));

And noticed that it doesn't contain any Authorization header. Just host to cookie headers.

---

update

Should get Authorization: Bearer ACCESS TOKEN

Answer 1

What POSTMAN Version did you use?

Are you on your local machine or managed server, some hosting companies don't allow AUTHORIZATION HEADER.

.htaccess modification

 RewriteEngine On
 RewriteCond %{HTTP:Authorization} .
 RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]

Answer 2

The answer from dschniepp is right, but I have problems with this too. You have to do two things:

1. Check if mod_rewrite is available and activated.
2. Update the .htaccess file of Laravel, located in the public folder.

In the first point you have to check if the "mod_rewrite" module is available through php_info function, in a separate php file. Then if it is available you have to activate it, that depends on the configuration of your webserver, in my Nitrous box I added these lines to my httpd.conf file:

<IfModule mod_rewrite>
   RewriteEngine On
</IfModule>

Or you can activate the module in the .htaccess file too:

RewriteEngine On

Then in the same .htaccess file located in public folder in the root of the laravel app, you have to add these lines:

RewriteCond %{HTTP:Authorization} ^(.*)
RewriteRule .* - [e=HTTP_AUTHORIZATION:%1]

These lines worked for me. Your .htaccess file should look like this:

<IfModule mod_rewrite.c>
    <IfModule mod_negotiation.c>
        Options -MultiViews
    </IfModule>

    RewriteEngine On

    RewriteCond %{HTTP:Authorization} ^(.*)
    RewriteRule .* - [e=HTTP_AUTHORIZATION:%1]

    # Redirect Trailing Slashes...
    RewriteRule ^(.*)/$ /$1 [L,R=301]

    # Handle Front Controller...
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteRule ^ index.php [L]
</IfModule>

And that's it, you should have the Authorization header in the Request::header() array. Just to clarify these is an issue with Apache, not with Laravel itself.

Answer 3

In Laravel 5.5 you can read herders by using apache_request_headers simply read it in your controller by the following lines

$headers = apache_request_headers();
dd($headers['Authorization']);

Make sure you have added use Illuminate\\Http\\Request; in your controller

Answer 4

Missing authorization headers with Apache virtual host.

Apart of the solution above the culprit may be because Apache server does not allow authorization header to pass through virtual host.

To solve this issue you have to add the line allowing Apache to pass authorization header to PHP in you virtual hosts configuration. Eg for Ubuntu 18.04 the virtual host is defined in /etc/apache2/sites-available/your-site-name.conf , see this tutorial for better context .

<VirtualHost>
    # ...
    SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1
    # ...
</VirtualHost>

After updating the virtual host config do not forget to restart Apache (again eg Ubuntu 18.04 sudo systemctl restart apache2 ).

This should fix the issue.

Here is the original answer .

Answer 5

Posting this here as it solved my problem. This applies for sub domains but can obviously be adjusted for plain domains as well. Applied this within my routes file at the top.

$newUrl = '';
try{
    $urlParts = parse_url($_SERVER['HTTP_REFERER']) ?? '';
    $newUrl = $urlParts['scheme'] . "://" . $urlParts['host'];
    if(!stristr($newUrl, '.yourdomain.com')){
        $newUrl = 'false';
    }
}catch(Exception $e)
{}
header('Access-Control-Allow-Origin: ' . $newUrl);
header('Access-Control-Allow-Credentials: true');
header('Access-Control-Allow-Headers: access-control-allow-origin,cache-control,content-type,postman-token');