Feb 26, 2025
401 Unauthorized error when switching from Bearer token to Cookie-based authentication
The issue involves moving a long-lived OAuth bearer token to a cookie. What I did was remove all the Auth headers from the config and change RouteServiceProvider.php to have auth:api instead of api (saw this in a previous thread), and set the token as:
```
$agent_ID = $user->id;
$idleTimeout = env('APP_IDLE_TIMEOUT', 2); // Default to 2 hours if not set in .env

// Create a short-lived Passport token (2 hours)
$token = $user->createToken('VRMToken')->accessToken;

return redirect()->route('search')
    ->with('success', "Welcome!")
    ->withCookie(cookie('vrm_token', $token, $idleTimeout, '/', null, true, true)) // 2-hour expiration
    ->withCookie(cookie('agent_ID', $agent_ID, $idleTimeout, '/', null, true, true))
    ->with(['token' => $token, 'agent_ID' => $agent_ID]);
```
I'm getting this error:

```
{message: 'Request failed with status code 401', name: 'AxiosError', code: 'ERR_BAD_REQUEST', config: {…}, request: XMLHttpRequest, …}
```

Not sure what else I am missing. I've been struggling for days, any help is appreciated.