XMLHttpRequest cannot load http://api.console.vms3.com/api/user. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8080' istherefore not allowed access.

'Access-Control-Allow-Origin: *'

创建 `app/Http/Middleware/AccessControlAllowOrigin.php` middleware 把 'Access-Control-Allow-Origin: *' 写入头部.

app/Http/Middleware/AccessControlAllowOrigin.php

<?php

namespace App\Http\Middleware;

use Closure;

use Illuminate\Support\Facades\Auth;

class AccessControlAllowOrigin

{

    /**

     *

     * Handle an incoming request.

     *

     * @param  \Illuminate\Http\Request  $request

     * @param  \Closure  $next

     * @return mixed

     */

    public function handle($request, Closure $next)

    {

        header('Access-Control-Allow-Origin: *');

        header("Access-Control-Allow-Credentials: true");

        header("Access-Control-Allow-Methods: *");

        header("Access-Control-Allow-Headers: Content-Type,Access-Token");

        header("Access-Control-Expose-Headers: *");

        return $next($request);

    }

}

<?php

namespace App\Http;

use Illuminate\Foundation\Http\Kernel as HttpKernel;

class Kernel extends HttpKernel

{

    /**

     * The application's global HTTP middleware stack.

     *

     * These middleware are run during every request to your application.

     *

     * @var array

     */

    protected $middleware = [

        \Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode::class,

        \Illuminate\Foundation\Http\Middleware\ValidatePostSize::class,

        \App\Http\Middleware\TrimStrings::class,

        \Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull::class,

        \App\Http\Middleware\AccessControlAllowOrigin::class,

    ];

    /**

     * The application's route middleware groups.

     *

     * @var array

     */

    protected $middlewareGroups = [

        'web' => [

            \App\Http\Middleware\EncryptCookies::class,

            \Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,

            \Illuminate\Session\Middleware\StartSession::class,

            // \Illuminate\Session\Middleware\AuthenticateSession::class,

            \Illuminate\View\Middleware\ShareErrorsFromSession::class,

            \App\Http\Middleware\VerifyCsrfToken::class,

            \Illuminate\Routing\Middleware\SubstituteBindings::class,

        ],

        'api' => [

            'throttle:60,1',

            'bindings',

            'cors'

        ],

    ];

    /**

     * The application's route middleware.

     *

     * These middleware may be assigned to groups or used inpidually.

     *

     * @var array

     */

    protected $routeMiddleware = [

        'auth' => \Illuminate\Auth\Middleware\Authenticate::class,

        'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,

        'bindings' => \Illuminate\Routing\Middleware\SubstituteBindings::class,

        'can' => \Illuminate\Auth\Middleware\Authorize::class,

        'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,

        'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,

        'cors' => \App\Http\Middleware\AccessControlAllowOrigin::class,

    ];

}

Route::middleware('cors')->group(function () {

    //

});