401 Unauthorized while trying to load page

@msslgomez few points on where to look at:

• Is the route defined in a Route group? Then check which middleware is applied to the group and debug what causes the authorization problem
• Do you have anything in your LocationController constructor, or do you extend another Controller that adds authorization to the routes
• your renderView method, any form request that has the authorize return false or any implementation that blocks the request?

The api route should be accessed using api/locations so both endpoints are different.

@nakov the route in the web.php is inside a Route Group where it checks for user type in a middleware called RoleMiddleware, this same middleware is setting up the users menu items, and it displays the correct menu items.

The location controller extends Controller.

This project is copied exactly from a old one, and I'm trying to set it up using inertia-vue, everything works in the original project but as I'm trying to set this up in the new project I'm getting these errors and I'm not sure why.

@msslgomez make sure that you register the middleware in the Http/Kernel.php. Make sure that you have the roles in the database for the user that you are checking it for.

Also just for test try removing the middleware from the route group and make sure that the routes work without it. If they do, then you've got a step closer to the problem :) that's the way to debug this.

@nakov I removed the route group and still get the unauthorized message, and the middleware is in the Kernal.php

@msslgomez can you please provide more context. Which route gives you that error? Do you try the route using browser / postman / vue.js / jQuery?

Share more code it will be better.

I removed the route group and still get the unauthorized message

Are they cached. If so clear. Just another thing to look at.

@jlrdw yes I did clear the cache

@nakov basically all the routes that have a table in them, I'll be referencing a specific page called locations, this is the controller functions for showing the view and the table

public function index(Request $request)
{
    $query = Location::query();

    return TableVue::arrayOf($request, $query, ['name']);
}

public function renderView() {
    return Inertia::render('locations/index');
}

The renderView works because I can see the page but when the table tries to load then I get the Unauthorized/Unauthenticated error

@msslgomez but most probably when the table loads it is hitting another endpoint which is again Auth protected. So you should check there. Check the Network tab on your browser console, and see which route is being hit.

@nakov in the General part it says

Request URL: http://dev.inae.com/api/locations?page=1&paginate=true&per_page=10
Request Method: GET
Status Code: 401 Unauthorized
Remote Address: 127.0.0.1:80
Referrer Policy: no-referrer-when-downgrade

Is that the endpoint you're referencing to ?

Well, are you trying to hit a route on another server? Obviously your local one is not http://dev.inae.com :)

Make sure your APP_URL in the .env file is set to your own in case that one is used.

@nakov yes actually, dev.inae.com is a local project, since I work on 3 or 4 pages at once I give individual names to each for the browser, if they were all localhost it would never work. I change that using files for my xampp, and windows system

.com is a paid domain. You should use .test instead for example.

@nakov its local only, I don't have to pay for it since that's just the name I give it on my computer, that's not a real website address. That's why I use dev. before to differentiate the projects currently in development. I have others that are page.me or stuff like that, it's just a name.

@msslgomez I understand that, but recently .dev stopped working even on LOCALHOST projects. But anyway, back to your problem..

http://dev.inae.com/api/locations?page=1&paginate=true&per_page=10 is hitting the endpoint in your api.php file. So check which middleware is used there.. Open RouteServiceProvider and check your mapApiRoutes function, if it applies a middleware that authorizes the incoming request.

@nakov there isn't much in the RouteServiceProvider but I'll post what is there

 protected $namespace = 'App\Http\Controllers';

public function boot()
    {
        //

        parent::boot();
    }

public function map()
    {
        $this->mapApiRoutes();

        $this->mapWebRoutes();

        //
    }

protected function mapWebRoutes()
    {
        Route::middleware('web')
             ->namespace($this->namespace)
             ->group(base_path('routes/web.php'));
    }

protected function mapApiRoutes()
    {
        Route::prefix('api')
             ->middleware('api')
             ->namespace($this->namespace)
             ->group(base_path('routes/api.php'));
    }

@msslgomez so do you use Passport maybe for your api routes? What is the driver for your api set to in your config/auth.php?

@nakov

'guards' => [
        'web' => [
            'driver' => 'session',
            'provider' => 'users',
        ],

        'api' => [
            'driver' => 'passport',
            'provider' => 'users',
        ],
    ],

@msslgomez so that's your problem my friend :) You use passport, but there was no token in your URL to authenticate your request..

https://laravel.com/docs/master/passport

@nakov I've never user passport before, how should I add the token? The Users table doesn't have a token per say but it does have a uuid field, I'm assuming it's used for this purpose.

@msslgomez please follow the documentation that I have shared. It is not as easy as one, two, three so I can explain it in a post. You should read the documentation try it out, and get back with a question when you get stuck..

if you want to avoid using passport for now, just change your api driver to session as well, and it will just expect a logged in user I guess.

@nakov it doesn't matter if I put passport or session in the auth.php I still get the same error

@msslgomez Take a look at the question and the answer here:

https://stackoverflow.com/questions/43015063/laravel-api-authentication-using-passport-results-in-401-unauthorized

Make sure you have both what the question says, and the answer.