Level 3
- Based on provided information it is possible that debug code is added/pushed.
- On test environment, tested with both flow, raw json and form data?
- Off topic: Is it necessary for Login API endpoint to accept both raw json and form data?
Oct 8, 2024
4
Level 1
Laravel Login api adds request Payload in response automatically on PHP Docker
API response includes automatically the request payload along with the expected response. This issue only occurs when the payload is sent in the request body as raw JSON not with form data.
This is route for login API and login method in AuthController .
Route::group([
'middleware' => 'api',
], function ($router) {
Route::post('login', [AuthController::class, 'login']);
});
public function login(Request $request)
{
$response = null;
$credentials = $request->only(['email', 'password']);
$user = $this->getUserByEmail($credentials['email']);
$token = $user->createToken($credentials['email'])->plainTextToken;
$response = response()->json([
'access_token' => $token,
'token_type' => 'bearer',
], Response::HTTP_OK);
return $response;
}
Response: { "email":"[email protected]", "password":"123" } {"access_token":"73423|B70ciH8DzNiSnDmGwuzSadsfdsfdqJBIHSk62aYZ", "token_type":"bearer" }
What could be causing the request payload to be included in the API response in the Dockerized environment?
How can we prevent this and ensure the response only returns the expected data?
Level 1
@jigar_dhulla API end point should accept only JSON. i have also updated the question with relevent code.
Level 3
Not sure. It's possible that $credentials is being echoed somewhere.
Can you also add exact response in code format?
Probably some one else can help.
All the best.
Level 1
@jigar_dhulla Sure here is response
{ "email":"[email protected]", "password":"123" } {"access_token":"73423|B70ciH8DzNiSnDmGwuzSadsfdsfdqJBIHSk62aYZ", "token_type":"bearer" }
Please or to participate in this conversation.