Guys I'm developing restFull api using laravel 5.1.My endpoints are working correctly on postman. But when I integrate it with front-end it is getting following error.
XMLHttpRequest cannot load http://ift.tt/2gFV6Wq. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://ideahubfront.dev' is therefore not allowed access. The response had HTTP status code 500.
I've tried following methods.
(1) created core middle-ware.
<?php
namespace App\Http\Middleware;
use Closure;
class Cors
{
public function handle($request, Closure $next)
{
return $next($request)
->header('Access-Control-Allow-Origin', '*')
->header('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE, OPTIONS')
->header('Access-Control-Allow-Headers', 'Content-Type, Accept, Authorization, X-Requested-With');
}
}
added it to kernal.php
<?php
namespace App\Http;
use Illuminate\Foundation\Http\Kernel as HttpKernel;
class Kernel extends HttpKernel
{
/**
* The application's global HTTP middleware stack.
*
* @var array
*/
protected $middleware = [
\Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode::class,
\App\Http\Middleware\EncryptCookies::class,
\Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
\Illuminate\Session\Middleware\StartSession::class,
\Illuminate\View\Middleware\ShareErrorsFromSession::class,
\App\Http\Middleware\VerifyCsrfToken::class,
\App\Http\Middleware\Cors::class,
];
/**
* The application's route middleware.
*
* @var array
*/
protected $routeMiddleware = [
'web' => \App\Http\Middleware\VerifyCsrfToken::class,
'cors' => \App\Http\Middleware\Cors::class,
'auth' => \App\Http\Middleware\Authenticate::class,
'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
];
}
and to routes.php
Route::group(['middleware' => ['web', 'core'], 'prefix' => 'api/v1'], function(){
// get single user by user id
Route::get('getuserbyid/{user_id}', 'UserController@getSingleUserById');
Route::post('users/register', 'UserController@register');
});
After that options requests worked. But post request still same.
(2) Added headers to controller return manually. Like this.
return response()->json([$user, $merchant], 200)
->header('Access-Control-Allow-Origin', '*')
->header('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE, OPTIONS')
->header('Access-Control-Allow-Headers', 'Cache-Control, Connection, Date, Server, Content-Type, User-Agent, Accept, Referer, Authorization,Origin, Accept-Encoding, Content-Length, Host, Connection, X-Requested-With');
No luck. Guys please help me. I'm dying for this. My clients wants to see the registration. I'm stuck on this.
via
Chebli Mohamed