Laravel 5 making DELETE request by ajax - method not allowed

4
votes

I'm trying to make a DELETE request within a Laravel app using ajax

I have a function to make the request - using the right verb - to a resource but keeps coming up method not allowed:

Here's my ajax request:

$.ajax({
            type: 'DELETE',
            url:'/user/58',
            data: {
                '_method': 'DELETE',
                'id': id
            },
            dataType: 'json',
            success: function (data) {
                // do something with ajax data
                if (data.result) {
                    return true;
                }

                return false;

            },
            error: function (xhr, ajaxOptions, thrownError) {
                console.log('error...', xhr);
                return false;
                //error logging
            },
            complete: function () {
                //afer ajax call is completed
            }
        });

id is supplied within a function and for the test is 58.

Watching the network panel in Chrome I can see it starts with the expected url of user/58 but then quickly gets shortened to user

I know that to get the resource route to pick up the request it needs to be user/58 and the method DELETE so it will go to the destroy method and because of this it is being routed to the Index method which expects a GET request hence the method not allowed.

Why is my request url being changed?

What is the correct approach to make a DELETE request in Laravel?

Thanks

Edit: Here's my route: 

Route::group( [ 'middleware' => [ 'auth' , 'admin' ] ] , function ()
{
Route::resource( 'user' , 'UserController' );
} );

The csrf token is being taken care of in the headers - fairly certain this isn't the cause of problem as I do not get an invalid token exception

$.ajaxSetup({
        headers: {
            'X-CSRF-TOKEN': $('meta[name="csrf-token"]').attr('content')
        }
    });

Thanks

1
phpjqueryajaxlaravel
"Why is my request url being changed?" — Presumably because the server responds with a Location header to redirect the request.Quentin
Can you show your routes.php and Controller file plz?mopo922
Is there any kind of Auth check on the URL that might fail while using Ajax? And have you thought of the CSRF Token that is needed? See laravel.com/docs/5.2/routing#csrf-x-csrf-tokenJoshua - Pendo

1 Answers

3
votes

Two possible things that can happen here, I need to write this in a longer post than a comment so hopefully I got it right.

First thing that pops in my mind is an auth check that fails while doing the ajax request. At least I would redirect you back to the main resource if you wouldn't have enough rights.

However, my second guess is maybe even more likely. Have you thought of the X-CSRF-TOKEN that you need to send with an ajax request? See https://laravel.com/docs/5.2/routing#csrf-x-csrf-token

From the docs:

In addition to checking for the CSRF token as a POST parameter, the Laravel VerifyCsrfToken middleware will also check for the X-CSRF-TOKEN request header. You could, for example, store the token in a "meta" tag:

<meta name="csrf-token" content="{{ csrf_token() }}">

Once you have created the meta tag, you can instruct a library like jQuery to add the token to all request headers. This provides simple, convenient CSRF protection for your AJAX based applications:

$.ajaxSetup({
        headers: {
            'X-CSRF-TOKEN': $('meta[name="csrf-token"]').attr('content')
        }
});