auth:api middleware routes being redirected to login route (passport)

Posted 1 week ago by mrkowala

So I've seen a lot of people posting about this, but most of the time it appears to be issues with the headers (which I'm not dismissing in this case), but here's the situation:

APIPostsController.php

<?php

namespace App\Http\Controllers\API;

use Illuminate\Http\Request;

use App\Post;
use App\Http\Controllers\Controller;

class APIPostsController extends Controller
{

    
    public function apiPosts()
    {
    //Just for testing purposes

        return response()->json([
            'name' => 'Abigail',
            'state' => 'CA'
        ]);
    }
}

api.php

<?php

use Illuminate\Http\Request;

/*
|--------------------------------------------------------------------------
| API Routes
|--------------------------------------------------------------------------
|
| Here is where you can register API routes for your application. These
| routes are loaded by the RouteServiceProvider within a group which
| is assigned the "api" middleware group. Enjoy building your API!
|
*/


Route::get('/v1/posts/','API\[email protected]');

I am currently able to go to oauth/token to request an access_token. Now, you'll notice in both of those files that there is no mention of the auth:api middleware - that's because as soon as I do that, the requests I send become 401: Unathenticated. The header I have is :

Authorization: Bearer token_goes_here Accept: application/json

I'm able to get a response with and without the token (obviously, since the middleware isn't be used). But this breaks as soon as I pass the route through the api:auth middleware by giving me that 401 error. Any thoughts?

auth.php

/*
    |--------------------------------------------------------------------------
    | Authentication Guards
    |--------------------------------------------------------------------------
    |
    | Next, you may define every authentication guard for your application.
    | Of course, a great default configuration has been defined for you
    | here which uses session storage and the Eloquent user provider.
    |
    | All authentication drivers have a user provider. This defines how the
    | users are actually retrieved out of your database or other storage
    | mechanisms used by this application to persist your user's data.
    |
    | Supported: "session", "token"
    |
    */

    'guards' => [
        'web' => [
            'driver' => 'session',
            'provider' => 'users',
        ],

        'api' => [
            'driver' => 'passport',
            'provider' => 'users',
        ],
    ],

Please sign in or create an account to participate in this conversation.

Laracasts Mascot

Hi, Have We Met Yet?

Did you know that, in addition to the forum, Laracasts includes well over 1000 lessons on modern web development? All for the price of one lunch out per month.

Sign Me Up

Channels

Reply to

Use Markdown with GitHub-flavored code blocks.