laravel 跨域post请求

按照vue.js 2.0教程的《Vuejs 和 Laravel API 前后端分离》使用cors解决跨域问题，get请求能够正常，但post请求未能通过。

前端请求：

this.axios.post('http://xxx.xx/api/user/login', {
                            username: 'username',
                            pwd: 'pwd'
                        })
                        .then(function (response) {
                            console.log(response);
                        })
                        .catch(function (error) {
                            console.log(error);
                        });

后端路由：
api.php

Route::middleware('cors:api')->post('/user/login', function (Request $request) {
    return 'posttest';
});

VerifyCsrfToken.php $except中添加'/api/user/login'

错误提示：
XMLHttpRequest cannot load http://xxx.xx/api/user/login. Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8080' is therefore not allowed access.