Okay I have this weird problem.
I want to set the header to 401 - Unauthorized if the try block throws an exception.
try {
$decoded = JWT::decode($jwt, $key, array('HS256'));
var_dump($decoded);
} catch (Exception $e) {
header('HTTP/1.0 401 Unauthorized');
}
But even if the try block doesn't throw an exception the header gets set anyway.
If I try to print out the exception message using
try {
$decoded = JWT::decode($jwt, $key, array('HS256'));
var_dump($decoded);
} catch (Exception $e) {
echo $e->getMessage();
}
var_dump($decoded) gets printed.
TLTR: The header gets set even if the try block doesn't throw an exception.
Edit: I found out that the problem only exists in my local project. I'm using xampp, any ideas?
Edit²: Okay. I found out that it doesn't work with CORS. Can anyone tell me how to properly enable CORS?
My .htaccess:
Header add Access-Control-Allow-Origin "*"
Header add Access-Control-Allow-Headers: "Origin, content-type, accept, Authorization"
Error message: CORS Request blocked: [...] CORS-Preflight-Channel was not successful.