Be part of JetBrains PHPverse 2026 on June 9 – a free online event bringing PHP devs worldwide together.

Moseskamau338's avatar

Authentication for Laravel, Vue and Blade

Am building a membership site and this is part of the design that is in place: img

So, I started the project by pulling in breeze:install --api which is working now after some hard battle Then, I got to the point where I need an admin dashboard. I tried another Vue app, but I couldn't figure it out so I defaulted to blade.

The problem is:

When I try to submit a form with the csrf attached, it always throws a 419 error.

Please help me know how to fix these issue.

0 likes
2 replies
Moseskamau338's avatar

Code Context

routes/web.php

<?php

use App\Http\Controllers\Admin\ProfileController;
use Illuminate\Support\Facades\Route;

/*
|--------------------------------------------------------------------------
| Web Routes
|--------------------------------------------------------------------------
|
| Here is where you can register web routes for your application. These
| routes are loaded by the RouteServiceProvider within a group which
| contains the "web" middleware group. Now create something great!
|
*/

Route::get('/', function () {
    return view('index');
});
Route::get('/dashboard', function () {
    return view('dashboard');
})->middleware(['auth'])->name('dashboard');

Route::middleware('auth')->group(function () {
    Route::get('/profile', [ProfileController::class, 'edit'])->name('profile.edit');
    Route::patch('/profile', [ProfileController::class, 'update'])->name('profile.update');
    Route::delete('/profile', [ProfileController::class, 'destroy'])->name('profile.destroy');
});

Route::stripeWebhooks('/stripe/invoice-webhooks');

require __DIR__.'/adminAuth.php';
require __DIR__.'/auth.php';

routes/adminAuth.php

<?php

use App\Http\Controllers\Admin\Auth\ConfirmablePasswordController;
use App\Http\Controllers\Admin\Auth\AuthenticatedSessionController;
use App\Http\Controllers\Admin\Auth\NewPasswordController;
use App\Http\Controllers\Admin\Auth\PasswordController;
use App\Http\Controllers\Admin\Auth\PasswordResetLinkController;
use App\Http\Controllers\Admin\Auth\RegisteredUserController;
use Illuminate\Support\Facades\Route;

Route::middleware('guest')
    ->name('admin.')
    ->prefix('system')
    ->group(function () {
    // Route::get('register', [RegisteredUserController::class, 'create'])
    //             ->name('admin.register');
    //
    // Route::post('register', [RegisteredUserController::class, 'store']);

    Route::get('login', [AuthenticatedSessionController::class, 'create'])
                ->name('login');

    Route::post('login', [AuthenticatedSessionController::class, 'store']);

    Route::get('forgot-password', [PasswordResetLinkController::class, 'create'])
                ->name('password.request');

    Route::post('forgot-password', [PasswordResetLinkController::class, 'store'])
                ->name('password.email');

    Route::get('reset-password/{token}', [NewPasswordController::class, 'create'])
                ->name('password.reset');

    Route::post('reset-password', [NewPasswordController::class, 'store'])
                ->name('password.store');
});

Route::middleware('auth')
    ->name('admin.')
    ->prefix('system')
    ->group(function () {

    Route::get('confirm-password', [ConfirmablePasswordController::class, 'show'])
                ->name('password.confirm');

    Route::post('confirm-password', [ConfirmablePasswordController::class, 'store']);

    Route::put('password', [PasswordController::class, 'update'])->name('password.update');

    Route::post('logout', [AuthenticatedSessionController::class, 'destroy'])
                ->name('logout');
});
Moseskamau338's avatar

routes/auth.php (API routes)


<?php

use App\Http\Controllers\Auth\RegisteredUserController;
use App\Http\Controllers\MemberProfileController;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Route;

/*
|--------------------------------------------------------------------------
| API Routes
|--------------------------------------------------------------------------
|
| Here is where you can register API routes for your application. These
| routes are loaded by the RouteServiceProvider within a group which
| is assigned the "api" middleware group. Enjoy building your API!
|
*/

Route::middleware(['auth:sanctum'])->group(function() {
    Route::get('/bar', function (Request $request) {
       return 'foo';
    });
    Route::get('/user', function (Request $request) {
       logger('Testing logger');
        return new \App\Http\Resources\UserResource($request->user());
    });
});

Route::middleware('guest')->group(function () {
    Route::post('/onboard/member', [RegisteredUserController::class, 'store']);
    Route::post('/member-profile/{user}', [MemberProfileController::class, 'store']);
});

Route::get('/members', [\App\Http\Controllers\MemberController::class, 'index']);

Controller structure

img

Please or to participate in this conversation.