Routes code:
Route 1:
Route::middleware('auth:sanctum')->get('/test_solo', function (Request $request) {
    if ($request->user()->getpermissionnames()[0] === UserPermission::CUSTOMER) {
        return "auth by solo";
    }
});
response :
(http code 200)
...............
auth by solo
...............
//telescope view screenshot: events are the same in both
Route 2:
Route::group(['middleware' => ['can:' . UserPermission::CUSTOMER, 'auth:sanctum']], function () {
    Route::get('test_group', function (Request $request) {
        return "auth by group";
    });
});
response :
(http code : 403)
"message": "This action is unauthorized.",
"exception": "Symfony\\Component\\HttpKernel\\Exception\\AccessDeniedHttpException",
"file": "C:\\xampp\\htdocs\\sampleme\\api\\vendor\\laravel\\framework\\src\\Illuminate\\Foundation\\Exceptions\\Handler.php",
"line": 379,
//telescope view screenshot:
//gates of /test_group
//cache of /test_group
Notice that these 2 tabs (cache and gates) do not exist in the /test_solo screenshot!
request->user()->getpermissionnames returns "customer" if the user (logged in) has customer permissions. Let me know if anything is helpful for an answer so I can post it too.
sanctum.php:
<?php
return [
    'stateful' => explode(',', env(
        'SANCTUM_STATEFUL_DOMAINS',
        'localhost,127.0.0.1,127.0.0.1:8000,::1,localhost:8000'
    )),
    'expiration' => null,
    'middleware' => [
        'verify_csrf_token' => App\Http\Middleware\VerifyCsrfToken::class,
        'encrypt_cookies' => App\Http\Middleware\EncryptCookies::class,
    ],
];