I've added an key in the database with abilities "user:addkeys".
In my routes/api.php I've changed the route to create new keys into this:
Route::middleware('auth:sanctum')->post('/tokens/create', function (Request $request) {
$user = User::find($request->user_id);
$retval = [];
if ($user->tokenCan('user:addkeys')) {
$capabilities = explode(',',$request->capabilities);
$token = $user->createToken($request->token_name, $capabilities);
return ['token' => $token->plainTextToken];
}
return $retval;
});
When I run the url via Postman with the token that exists in the database im able to pass the auth:sanctum but the tokenCan keeps returning false.
Any idea why?
