I have a project that serves as a CMS (cms.example.com) and an API (api.example.com)
In both docker and production environments, when I request the root of api.example.com/, it redirects me to api.example.com/login
I understand why it does this for cms.example.com, as it has auth middleware set up, but I cannot get it to stop doing this for api.example.com
There is no auth middleware set up for the root route for the api.
FWIW, this is an old app that I rebuilt from Laravel 6. The old app is still in production and does not have this issue so I'm guessing its a Laravel 7/8/9 feature, but I am having trouble tracking down a solution.
In case anyone stumbles on this while in a similar predicament, the solution appears to be to put the authenticated middleware config AFTER unauthenticated middleware in app/Providers/RouteServiceProvider.php
E.g. api.example.com is above cms.example.com here and so api.example.com/ will correctly. not redirect to /login
public function boot()
{
$this->routes(function () {
// this domain does not have/need authentication so it goes first
// so that api.example.com/ will not redirect to api.example.com/login
Route::middleware('api')
->domain('api.example.com')
->namespace('App\Http\Controllers')
->group(base_path('routes/api.php'));
Route::middleware('cms')
->domain('cms.example.com')
->namespace('App\Http\Controllers')
->group(base_path('routes/cms.php'));
});
}
