POST请求上的Laravel 5令牌不匹配

【问题标题】:Laravel 5 Token mismatch on POST requestPOST请求上的Laravel 5令牌不匹配
【发布时间】:2015-03-13 17:29:11
【问题描述】:

它正在出现一些非常奇怪的东西:

我在 Laravel 5 中实现 Iron 消息队列,以便将请求与长任务执行区分开来。 一旦我将消息推送到 Iron 的队列中,它就会向预定义的路由发送一个 POST 请求,以唤醒长时间运行的进程(推送队列方法)。

我有这个路由文件:

Route::post('queue/receive', function()
    {
        //start long task exec
        return Queue::marshal();
    });

/* garantisco il logout agli utenti*/
Route::get('auth/logout', 'Auth\AuthController@getLogout');

/* redirect degli utenti loggati */
Route::group(['middleware' => 'guest'], function()
{

    Route::get('/', 'WelcomeController@index');

    Route::controllers([
        'auth' => 'Auth\AuthController',
        'password' => 'Auth\PasswordController',
    ]);
});

Route::group(['middleware' => 'auth'], function()
{
    Route::get('home', 'HomeController@index');
});

定义的第一个路由是 IronMQ 将调用的端点。 我知道令牌不匹配是使用“VerifyCsrfToken”中间件(与 L4 中的过滤器相同)的一个常见问题。 令人难以置信的是我已经禁用了这个中间件,但问题仍然存在。 这是我内核的中间件:

class Kernel extends HttpKernel {

    /**
     * The application's global HTTP middleware stack.
     *
     * @var array
     */

    protected $middleware = [
        'Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode',
        'Illuminate\Cookie\Middleware\EncryptCookies',
        'Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse',
        'Illuminate\Session\Middleware\StartSession',
        'Illuminate\View\Middleware\ShareErrorsFromSession',
        //'LabelCreator\Http\Middleware\VerifyCsrfToken',
    ];

    /**
     * The application's route middleware.
     *
     * @var array
     */
    protected $routeMiddleware = [
        'auth' => 'LabelCreator\Http\Middleware\Authenticate',
        'auth.basic' => 'Illuminate\Auth\Middleware\AuthenticateWithBasicAuth',
        'guest' => 'LabelCreator\Http\Middleware\RedirectIfAuthenticated',
    ];

}

如您所见,“VerifyCsrfToken”已禁用,但正在测试来自本地环境的发布请求,现在我收到此错误:

    DecryptException in Encrypter.php line 142:
Invalid data.
in Encrypter.php line 142
at Encrypter->getJsonPayload('') in Encrypter.php line 92
at Encrypter->decrypt('') in IronQueue.php line 214
at IronQueue->parseJobBody('') in IronQueue.php line 173
at IronQueue->marshalPushedJob() in IronQueue.php line 159
at IronQueue->marshal()
at call_user_func_array(array(object(IronQueue), 'marshal'), array()) in QueueManager.php line 223
at QueueManager->__call('marshal', array()) in Facade.php line 207
at QueueManager->marshal() in Facade.php line 207
at Facade::__callStatic('marshal', array()) in routes.php line 17
at Queue::marshal() in routes.php line 17
at RouteServiceProvider->{closure}()
at call_user_func_array(object(Closure), array()) in Route.php line 153
at Route->runCallable(object(Request)) in Route.php line 128
at Route->run(object(Request)) in Router.php line 691
at Router->Illuminate\Routing\{closure}(object(Request))
at call_user_func(object(Closure), object(Request)) in Pipeline.php line 141
at Pipeline->Illuminate\Pipeline\{closure}(object(Request))
at call_user_func(object(Closure), object(Request)) in Pipeline.php line 101
at Pipeline->then(object(Closure)) in Router.php line 693
at Router->runRouteWithinStack(object(Route), object(Request)) in Router.php line 660
at Router->dispatchToRoute(object(Request)) in Router.php line 618
at Router->dispatch(object(Request)) in Kernel.php line 210
at Kernel->Illuminate\Foundation\Http\{closure}(object(Request))
at call_user_func(object(Closure), object(Request)) in Pipeline.php line 141
at Pipeline->Illuminate\Pipeline\{closure}(object(Request)) in ShareErrorsFromSession.php line 55
at ShareErrorsFromSession->handle(object(Request), object(Closure)) in Pipeline.php line 125
at Pipeline->Illuminate\Pipeline\{closure}(object(Request)) in StartSession.php line 61
at StartSession->handle(object(Request), object(Closure)) in Pipeline.php line 125
at Pipeline->Illuminate\Pipeline\{closure}(object(Request)) in AddQueuedCookiesToResponse.php line 36
at AddQueuedCookiesToResponse->handle(object(Request), object(Closure)) in Pipeline.php line 125
at Pipeline->Illuminate\Pipeline\{closure}(object(Request)) in EncryptCookies.php line 40
at EncryptCookies->handle(object(Request), object(Closure)) in Pipeline.php line 125
at Pipeline->Illuminate\Pipeline\{closure}(object(Request)) in CheckForMaintenanceMode.php line 42
at CheckForMaintenanceMode->handle(object(Request), object(Closure)) in Pipeline.php line 125
at Pipeline->Illuminate\Pipeline\{closure}(object(Request))
at call_user_func(object(Closure), object(Request)) in Pipeline.php line 101
at Pipeline->then(object(Closure)) in Kernel.php line 111
at Kernel->sendRequestThroughRouter(object(Request)) in Kernel.php line 84
at Kernel->handle(object(Request)) in index.php line 53

我尝试评论其他中间件,但问题仍然存在。 Iron 正在做的是向我的端点发送一个简单的 POST 请求,就像 webhooks 一样。 问题是什么? 我不认为是会话的问题,因为 Iron 是一个简单的第三方服务,它调用一个端点,如果它仍然是我的应用程序的“来宾”客户端,那就没问题了。

谁能帮帮我? 提前谢谢

【问题讨论】:

    标签: php laravel message-queue laravel-5 iron


    【解决方案1】:

    我发现了问题: 我在没有 POST 请求有效负载的情况下在本地测试端点,因此解密无法正常工作,但是使用 RequestBin(非常有用的工具)嗅探 IronMQ 发送的有效负载,我已将相同的有效负载添加到本地测试请求,现在它可以工作了。

    希望对你有帮助:)

    【讨论】:

    • 你能告诉我你是怎么做到的吗?我目前在使用 IronMQ 和 Laravel 时遇到了同样的问题。
    • @PeteHouston 你有什么问题?
    • IronMQ 发布到队列路由时出现 TokenMismatchException。所以我设法通过从 CSRF 令牌检查中排除队列路由来处理它。你有更好的解决方案吗?
    • @PeteHouston 我的解决方案是:从队列路由中删除 VerifyCsrfToken 中间件,但使用自定义中间件验证密钥作为获取参数以确保路由安全。
    猜你喜欢
    • 1970-01-01
    • 2015-12-20
    • 2020-05-10
    • 2016-09-20
    • 2017-07-15
    • 2015-12-31
    • 2014-11-04
    • 1970-01-01
    • 2016-10-15
    相关资源
    最近更新 更多
    热门标签
    Java Python linux javascript Mysql C# Docker 算法 前端 SpringBoot Redis Vue spring 设计模式 .net core .net kubernetes c++ 数据库 数据结构 大数据 js 机器学习 微服务 Android Go 程序员 面试 JVM ASP.net core 云原生 人工智能 后端 PHP git CSS golang k8s Nginx Django mybatis 深度学习 多线程 React 架构 devops 爬虫 云计算 Spring Boot LeetCode