我正在尝试在 vuejs 组件上使用 axios 执行发布请求,它会抛出 403 forbidden 错误。这是我的发布请求的 javascript 代码:
createMessage() {
axios.post('/mensajes/guardar', {
subject: this.subject,
username: this.username,
content: this.editorContent
})
.then((res) => {
this.formProcessed = true
this.swalMixin('success', '¡Mensaje enviado!')
setTimeout(() => { window.location = '/mensajes' }, 3000)
})
.catch((err) => {
let errors = err.response.data.errors
let firstError = Object.keys(errors)[0]
let message = errors[firstError][0]
this.swalMixin('error', message)
})
}
处理它的 Controller 函数:
public function store(MessageStoreRequest $request)
{
$recipient = User::where('username', $request->username)->firstOrFail();
$message = Message::create([
'sender_id' => Auth::id(),
'recipient_id' => $recipient->id,
'subject' => $request->title,
'content' => $request->content,
]);
return response()->json([
'message' => 'success'
], 200);
}
我的消息模型路由组:
Route::prefix('mensajes')->middleware(['auth', 'verified'])->group(function () {
Route::get('/', 'MessageController@index')->name('message.index');
Route::get('/ver/{id}', 'MessageController@show')->name('message.show');
Route::get('/crear', 'MessageController@create')->name('message.create')->middleware('can:create,App\Message');
Route::post('/guardar', 'MessageController@store')->name('message.store')->middleware('can:create,App\Message');
});
我创建了一个自定义请求来处理验证:
<?php
namespace App\Http\Requests;
use Illuminate\Foundation\Http\FormRequest;
class MessageStoreRequest extends FormRequest
{
/**
* Determine if the user is authorized to make this request.
*
* @return bool
*/
public function authorize()
{
return false;
}
/**
* Get the validation rules that apply to the request.
*
* @return array
*/
public function rules()
{
return [
'subject' => 'required|min:12',
'username' => 'required|',
'content' => 'required|min:37'
];
}
/**
* Custom message for validation
*
* @return array
*/
public function messages()
{
return [
'subject.required' => 'El asunto es obligatorio.',
'subject.min' => 'El asunto debe contener al menos 10 caracteres.',
'username.required' => 'El destinatario es obligatorio.',
'content.required' => 'El contenido del mensaje no puede estar vacío.',
'content.min' => 'El contenido del mensaje debe ser de al menos 30 caracteres.'
];
}
/**
* Filters to be applied to the input.
*
* @return array
*/
public function filters()
{
return [
'subject' => 'trim',
'username' => 'trim',
'content' => 'trim'
];
}
}
消息模型有这个策略:
/**
* Determine whether the user can create messages.
*
* @param \App\User $user
* @return mixed
*/
public function create(User $user)
{
return $user->hasAccess(['create-message']);
}
我找不到问题。我一直在使用其他模型,这是第一个抛出此错误的模型。
最佳答案
让我们将自定义请求中的 authorize() 函数更改为 return true 而不是 return false。
此函数用于根据权限允许或禁止访问。
关于laravel - axios帖子上的403(禁止)。拉拉维尔 5.7,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/54245372/