0

Let me explain a bit what I am trying to achieve. I want to send data from HTML form setup on wordpress which looks like that -> http://prntscr.com/mn87bl when the user enters correctly username/password it should login automatically on our Laravel APP which is on a different URL then the WP website.

I've tried to make an AJAX call to that link but i got a Cross-Origin Read Blocking error. I am not sure it will be possible to be done through cURL because the protocol is HTTPS.

I am lost and I am not sure what solution should i think of in order to make this work.. Anyone familiar with something like that?

Thanks in advance!!

brad
  • 1,407
  • 19
  • 33
milen
  • 73
  • 8
  • You could disable Laravel's CSRF protection for your login route: https://laravel.com/docs/5.7/csrf#csrf-excluding-uris – brad Feb 19 '19 at 15:28
  • @braed do you think this will help with this issues -> http://prntscr.com/mnj3o3 – milen Feb 20 '19 at 07:43
  • I think you need to allow CORS in your laravel application: https://murze.be/handling-cors-in-a-laravel-application – brad Feb 20 '19 at 09:10
  • @braed I understand but that doesn't really help. Our issue here is with the Cross-Origin Read Blocking, which comes from the browser... – milen Feb 20 '19 at 09:14
  • I think if you set CORS headers, the browser will allow the request: https://stackoverflow.com/a/17888736/6158156 – brad Feb 20 '19 at 09:16

1 Answers1

0

I would avoid making a direct cross-origin request altogether. It is finicky to make it work. Rather, submit username/password to WP backend, then make an authentication request to Laravel site from WP backend (with CURL or similar). If login is successful, return authentication token to the user and redirect him to the Laravel site.

You may consider using Laravel passport to handle tokens https://laravel.com/docs/5.7/passport

Eriks Klotins
  • 4,042
  • 1
  • 12
  • 26