Hi,
I'm using the laravel-websockets package toghether with Laravel broadcasting and events. First I made a seperate event which implements the ShouldBroadcast intercace and contains a broadcastOn function which returns a public Channel. I use Vue + Echo library in order to receive the events which get broadcasted by the Laravel backend.
But after adding a seperate Event which get broadcasted through a PrivateChannel, I get the following error in my webbrowser conole:
app.js:68125 POST http://localhost:8000/broadcasting/auth 405 (Method Not Allowed)
I checked the existing routes with artisan route:list, but the list doesn't show anything like "broadcasting/auth". The only route which seems to get close is this one:
| POST | admin/websockets/event | BeyondCode\LaravelWebSockets\Dashboard\Http\Controllers\SendMessage |
I checked config\app.php for Illuminate\Broadcasting\BroadcastServiceProvider::class which is enabled. I have two event listeners in my bootstrap.js:
window.Echo.channel('DemoPublicChannel').listen('WebSocketDemoPublicEvent', (e) => { console.log(e); });
window.Echo.private('DemoPrivateChannel').listen('WebSocketDemoPrivateEvent', (e)=> { console.log(e) });
When commenting the private one, the HTTP 405 error disappears. The public message is printed in the console when broadcasted by the Laravel backend, the private message doesn't show up.
Do you have any idea where I can find the routes and why they aren't displayed in the artisan route:list output?
The channels.php authorization function just returns true, so I guess the user should be authorized to access the channel, and I use sanctum SPA authentication to authenticate.
do you have the App\Providers\BroadcastServiceProvider::class enabled (uncommented) in config/app.php?
in its boot method there is a Broadcast::routes() called that should generate the auth routes https://github.com/laravel/laravel/blob/8.x/app/Providers/BroadcastServiceProvider.php#L17
https://laravel.com/docs/8.x/broadcasting#defining-authorization-routes
Hi, thanks for your reply.
I checked config\app.php for Illuminate\Broadcasting\BroadcastServiceProvider::class which is enabled. (see my first post)...
So thats why I find it a little strange that I can't see any broadcast routes listed.
By the way, I put. my code on GitHub: https://github.com/jpostema81/websockets_chat.git
@barley yep, different thing;) https://github.com/jpostema81/websockets_chat/blob/main/config/app.php#L174
Hi, thanks again - you were correct - I misread the line - now I see it's a completely different namespace, but same class name... Could you tell me whats the difference between the Illuminate\Broadcasting\BroadcastServiceProvider::class framework service provider, and the App\Providers\BroadcastServiceProvider::class " application service provider? It's a bit confusting to me - are they both facilitating event broadcasting?
@barley yes, they are basically a one thing when put together. the Illuminate\Broadcasting\BroadcastServiceProvider part is the "fixed part made by laravel artisans" and the App\Providers\BroadcastServiceProvider is the "user customizable part". probably not the best explanation ever, but i think it covers the essence.
oh, and feel free to accept the previous answer if it was of any help
Hi, thanks for your reply and help! It makes sense to me :)
Hi, even though I uncommented the second BroadcastServiceProvider, no /broadcasting/auth route, as described in the documentation, is showing up...
I updated my codeat GitHub: https://github.com/jpostema81/websockets_chat.git
i've just cloned the repo, (then ran composer update because composer was complaining about composer.lock) and i see the broadcasting/auth route just fine
$ php artisan route:list -c --path broadcasting
+---------------+-------------------+----------------------------------------------------------+
| Method | URI | Action |
+---------------+-------------------+----------------------------------------------------------+
| GET|POST|HEAD | broadcasting/auth | Illuminate\Broadcasting\BroadcastController@authenticate |
+---------------+-------------------+----------------------------------------------------------+
Hi Samuel,
thanks again for your reply. You were correct, right now I have it listed too :)
But the only problem that remains is that I always receive a HTTP 403 Forbidden status code when I start listening to a private channel on the clientside:
window.Echo.private('DemoPrivateChannel').listen('WebSocketDemoPrivateEvent', (e)=> { this.wsData = e; });
... even though it seems I am authenticated by Sanctum, at least I can request the logged in user through route 'api/user' successfully after logging in (which is protected by the santum middleware), but starting a websockets private channel always results in a 403 status code. (while the websockets routes are protected by sanctum middleware as well)
I don't know where to look for the exact cause: how can I get the precise cause / location where the software 'blocks' the request?
As far as I'm aware of, there are at least two places where authentication and authorization takes place:
routes/channels.php:
Broadcast::channel('DemoPrivateChannel', function ($user, $id) { return true; });
app/Providers/BroadcastServiceProvider.php:
public function boot() { Broadcast::routes(["middleware" => ["auth:sanctum"]]); require base_path('routes/channels.php'); }
(not sure if I should apply the sanctum middleware here)
@barley, i've never tried that, but i suggest you to start another thread here on the forum, someone might help you there
Please or to participate in this conversation.