Be part of JetBrains PHPverse 2026 on June 9 – a free online event bringing PHP devs worldwide together.

cn_d's avatar
cn_d
OP
7 years ago
Level 1

API - Login route does not send access token in body

I created a Laravel API that is consumed by a Vue front-end. It works great locally, I pushed it to the staging server and my /login route does not work, it returns a 200 status even if the credentials are wrong. Nothing is returned in the body, not the access_token if the credentials are right and no errors if the credentials are wrong, just an empty 200 status.

All other routes are working. I got the Bearer token by hitting /oauth/token/ and if I manually add the Bearer token to localStorage through the console I can log in and access the necessary pages and data.

How can I debug what is going on here? Any pointers are greatly appreciated.

AuthController.php

   public function login(Request $request) 
    {
        $http = new \GuzzleHttp\Client;

        try {
            $response = $http->post(config('services.passport.login_endpoint'), [
                'form_params' => [
                    'grant_type' => 'password',
                    'client_id' => config('services.passport.client_id'),
                    'client_secret' => config('services.passport.client_secret'),
                    'username' => $request->username,
                    'password' => $request->password,
                ]
            ]);
            return json_decode((string) $response->getBody(), true);
        } catch (\GuzzleHttp\Exception\BadResponseException $e) {
            if ($e->getCode() === 400) {
                return response()->json('Invalid Request. Please enter a username or a password.', $e->getStatusCode());
            } else if ($e->getCode() === 401) {
                return response()->json('Your credentials are incorrect. Please try again', $e->getStatusCode());
            }
            return response()->json('Something went wrong on the server.', $e->getStatusCode());
        }
    }

api.php

Route::middleware('auth:api')->group(function() {

    Route::get('/user', function (Request $request) {
        return $request->user();
    });

    Route::post('/logout', 'AuthController@logout');

    Route::patch('comments/{comment}', 'CommentsController@update');
    Route::delete('comments/{comment}', 'CommentsController@destroy');

});

Route::get('/comments', 'CommentsController@index');
Route::post('/comments', 'CommentsController@store');

Route::post('/login', 'AuthController@login');
Route::post('/register', 'AuthController@register');

Screenshot of Network Request

0 likes
0 replies

Please or to participate in this conversation.