Level 2
Have you tried updating your .hosts file to point localhost:3000 to (for instance) api.xyz.org and updating the API endpoint in your code? Not tried, so no guarantees, but maybe?
Summer Sale! All accounts are 50% off this week.
I'm developing a web application using Laravel (backend) and Next.js (frontend) with Laravel Sanctum SPA cookie based session authentication. I've deployed the Laravel backend on abc.xyz.org, while developing the frontend on localhost:3000.
abc.xyz.org)localhost:3000)403 Forbidden error because auth()->user() is null.CORS Configuration:
allowed_origins in config/cors.php.CSRF Middleware:
api/* to $except in app/Http/Middleware/VerifyCsrfToken.php.Result: These changes allowed login to succeed, but subsequent requests still fail with 403 Forbidden.
abc.xyz.org
localhost:3000 (does not share the same domain).Laravel Version: 10
Laravel Sanctum Version: 3.3
Next.js Version: 14.2
APP_NAME='ABC'
APP_ENV=production
APP_KEY=base64:rwerkjl34lkjh345jkhkj56hkjh345kj=
APP_DEBUG=true
APP_URL=backend_url
LOG_CHANNEL=stack
LOG_DEPRECATIONS_CHANNEL=null
LOG_LEVEL=debug
DB_CONNECTION=mysql
DB_HOST=127.0.0.1
DB_PORT=3306
DB_DATABASE=abc
DB_USERNAME=abc
DB_PASSWORD=abc123
BROADCAST_DRIVER=pusher
CACHE_DRIVER=file
FILESYSTEM_DISK=local
QUEUE_CONNECTION=sync
SESSION_DRIVER=cookie
SESSION_LIFETIME=120
Please or to participate in this conversation.