The Laravel framework is an open-sourced PHP web framework that allows developers to create dynamic and scalable web applications. The source code of Laravel is hosted on GitHub and released under the MIT license.
Questions tagged [laravel-sanctum]
585 questions
0
votes
1 answer
Laravel Sanctum CSRF returns 419 for unprotected routes
I have a SPA app where I try to implement Sanctum's CSRF protection.
From docs:
To authenticate your SPA, your SPA's "login" page should first make a request to the /sanctum/csrf-cookie endpoint to initialize CSRF protection for the…
Toydor
- 2,277
- 4
- 30
- 48
0
votes
1 answer
Protect internal (SPA) routes from other users in Laravel Sanctum
I've configured Laravel Sanctum and everything is working with my SPA, however if a user create a token, they can inspect my website and call my internal SPA routes (which is not intended for their usage), what i have now…
Pezhvak
- 9,633
- 7
- 29
- 39
0
votes
4 answers
Laravel 8 API post request objest are empty
I am new to Laravel (version 8), and not a big fun of php, but now I need to write a simple API in php, and I have problems.
First, I can login, I got the token. That's a good part.
My route configuration in api.php looks like this:
use…
Wasyster
- 2,279
- 4
- 26
- 58
0
votes
1 answer
Laravel 7 Policy not working (or not registered) using Sanctum with Vue SPA
Laravel Policy is not being registered. Even if the Policy denies all abilities any authenticated user is being able to perform any action on any resource.
Policy example:
Student of Science
- 494
- 5
- 19
0
votes
3 answers
Vuex persist authenticated status
I'm using Vuex and Laravel sanctum to authenticate users. The following is my Vuex auth.js
import axios from 'axios'
export default {
namespaced: true,
state:{
authenticated: false,
user: null
},
getters:{
…
user3714932
- 1,253
- 2
- 16
- 29
0
votes
0 answers
Why should we call sanctum/csrf-cookie on Laravel Sanctum
I was reading document, and one question occurred. Why would we need to call this endpoint /sanctum/csrf-cookie to get CSRF protection when login?
I understand what CSRF is, and per my understanding, the practice that Laravel uses to prevent CSRF is…
Ray
- 333
- 4
- 11
0
votes
1 answer
Laravel Sanctum/React on LAMP Stack - Unauthenticated but x-xsrf-token present
I'm using Laravel Sanctum on a LAMP Stack. I have my frontend react app pointed to
/var/www/app.example.com and my backend Laravel pointed to /var/www/appapi.example.com on the same server. Both load fine.
I am currently building off of this…
Jay
- 566
- 6
- 18
0
votes
1 answer
PHPunit: can't assert API login test
I'm trying to follow best practices using TDD to build the auth logic with Sanctum. But haven't been able to pass the login test.
Using postman the route works well:
But the test is not behaving as expected. It'd simply fail.
1)…
Fer Toasted
- 1,274
- 1
- 11
- 27
0
votes
2 answers
update data API not working in Postman the error said Column 'nama_pelanggan' cannot be null
i have a problem in my code API laravel 8 in update data, i think my code it's correct, i don't know where the error, is it i'm wrong in my code or am i wrong when i updating data this is the code
the controller
public function update(Request…
Marc Jamal
- 47
- 1
- 2
- 12
0
votes
4 answers
Laravel Sanctum XSRF-TOKEN Cookie not Getting Sent
I'm using Laravel 8 and I've been trying to follow the sanctum documentation for SPA authentication. I've already done setting up the necessary configurations required. The backend server is running on localhost with default port(80) while SPA…
Michael Erwin
- 63
- 1
- 6
0
votes
1 answer
Why is Laravel 8 sanctum tokenCan not working?
I've added an key in the database with abilities "user:addkeys".
In my routes/api.php I've changed the route to create new keys into this:
Route::middleware('auth:sanctum')->post('/tokens/create', function (Request $request) {
$user =…
Ruud van de Ven
- 206
- 2
- 12
0
votes
1 answer
AJAX request to Laravel backend returns 419 CSRF token mismatch
I'm creating a SPA using NextJS and I have a Laravel backend for my API. To authenticate my SPA I'm using laravel sanctum.
My API is on api.domain.com and my app is on domain.com
I've set these environment variables which are relevant to this…
Carwyn Stephen
- 134
- 4
- 23
0
votes
2 answers
Laravel Sanctum SPA Authenticate Different User Table
So Basically we have two tables, one is the users table which is for the users of the site. The other is for people signing up for a webinar. We call this table Attendants. I want people to log into Attendant, and have Sanctum validate that, but I…
Jeffrey Hosler
- 16
- 1
- 3
0
votes
1 answer
How to invalidate mobile personal access token after backend deletion?
I am using Laravel as my backend together with Sanctum which generates personal access token for mobile users. For my mobile application I am using flutter.
To authenticate users they login with their username/password and get a personal access…
Stephan-v
- 19,255
- 31
- 115
- 201
0
votes
1 answer
How to use laravel sanctum without typical laravel /login
I have been created PWA with NuxtJS,
then I'm going to use sanctum package, but I don't want to request to the typical Laravel /login route, because I have a customized api /login route which authenticates users with OTP, not by password!
So I'm…
Milad Mohammadi
- 176
- 1
- 9