laravel jetstream request api route middleware protected api:sanctum return unauthenticated response

Question

I have a problem with 'domain' => env ('SESSION_DOMAIN', null) in the session.php file. When set SESSION_DOMAIN value in .env file, for example

SESSION_DOMAIN=mysite.test

login don't works and there seems to be a middlaware. If not set this parameter, login work fine, therefore when I call api protected route with sanctum maiddleware ex.

Route::middleware(['auth:sanctum'])->group(function () {
    Route::get('/myroute', function () {
        return 'hello world!';
    });
});

I have unauthenticated response. If use web.php file route and insert the same function:

Route::middleware(['auth:sanctum'])->group(function () {
     Route::get('/api/myroute', function () {
         return 'hello world!';
    });
});

with api prefix, its works fines. I followed laravel 8.x sanctum documentation https://laravel.com/docs/8.x/sanctum. In laravel projects 7.* without jetstream I had no problem. There's any suggest or explaination for this phenomenon. Any explanation would be helpful for me! Many Thanks.

score 4 · Answer 1 · answered Sep 20 '20 at 09:38

I ran into a similar issue where I could not authenticate any API request from my frontend. Turns out the generated Kernel.php did not include the Sanctum middleware for session cookies by default - you have to add it manually in your app/Http/Kernel.php:

 'api' => [
        EnsureFrontendRequestsAreStateful::class, // <- Add and import this middleware
        'throttle:api',
        \Illuminate\Routing\Middleware\SubstituteBindings::class,
 ],

After doing this API requests from my frontend are working again. Maybe this resolves your issue as well.

laravel jetstream request api route middleware protected api:sanctum return unauthenticated response

1 Answers1