fix

src/Middleware/Authenticate.php

@@ -41,8 +41,11 @@ class Authenticate
     {
         //登录状态检测
         if ($this->auth->guard($guard)->guest()) {
-            $redirect = $request->input('redirect', $request->header('referer'));
+            $redirect = $request->input('redirect');
             if ($request->isXmlHttpRequest()) {
+                if( $redirect == null ){
+                    $redirect = $request->header('referer');
+                }
                 return response()->json([
                     'code' => config('pdauth.code.unauthorized', 401),
                     'msg' => 'Unauthorized',
@@ -51,6 +54,9 @@ class Authenticate
                     ],
                 ],401);
             } else {
+                if( $redirect == null ){
+                    $redirect = $request->getSchemeAndHttpHost()."/api/auth/token.html";
+                }
                 return redirect(app('pd.auth')->connect($redirect));
             }
         }

src/PdAuthServiceProvider.php

@@ -3,6 +3,7 @@
 namespace PdAuth;
 
 use Illuminate\Contracts\Encryption\DecryptException;
+use Illuminate\Http\RedirectResponse;
 use Illuminate\Http\Request;
 use Illuminate\Support\ServiceProvider;
 use PdAuth\Middleware\Authenticate;
@@ -69,6 +70,14 @@ class PdAuthServiceProvider extends ServiceProvider
             ])->withCookie($cookie);
         });
 
+        $this->app['router']->get('api/auth/token.html', function (Request $request) {
+            $code = $request->input('pd_code');
+            $id = $request->input('app_id');
+            $token = app('pd.auth')->choose(null, $id)->getAccessToken($code);
+            $cookie = new Cookie(Authenticate::CookieName, $token['access_token'], strtotime($token['expired_at']));
+            return RedirectResponse::create('/')->withCookie($cookie);
+        });
+
         $this->app['router']->get('api/auth/logout', function (Request $request) {
             $cookie = new Cookie(Authenticate::CookieName, '', time());
             return response()->json([