0

I have a problem with 'domain' => env ('SESSION_DOMAIN', null) in the session.php file. When set SESSION_DOMAIN value in .env file, for example

SESSION_DOMAIN=mysite.test

login don't works and there seems to be a middlaware. If not set this parameter, login work fine, therefore when I call api protected route with sanctum maiddleware ex.

Route::middleware(['auth:sanctum'])->group(function () {
    Route::get('/myroute', function () {
        return 'hello world!';
    });
});

I have unauthenticated response. If use web.php file route and insert the same function:

Route::middleware(['auth:sanctum'])->group(function () {
     Route::get('/api/myroute', function () {
         return 'hello world!';
    });
});

with api prefix, its works fines. I followed laravel 8.x sanctum documentation https://laravel.com/docs/8.x/sanctum. In laravel projects 7.* without jetstream I had no problem. There's any suggest or explaination for this phenomenon. Any explanation would be helpful for me! Many Thanks.

Improve this question

1 Answer 1

Reset to default
4

I ran into a similar issue where I could not authenticate any API request from my frontend. Turns out the generated Kernel.php did not include the Sanctum middleware for session cookies by default - you have to add it manually in your app/Http/Kernel.php:

 'api' => [
        EnsureFrontendRequestsAreStateful::class, // <- Add and import this middleware
        'throttle:api',
        \Illuminate\Routing\Middleware\SubstituteBindings::class,
 ],

After doing this API requests from my frontend are working again. Maybe this resolves your issue as well.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.