I have an application that has the following setup:
Laravel
Host: appname.local:8000
Environment variables:
Angular
Host: appname.local:4200
What works at the moment:
Angular methods to get token and authenticate user
Session database entry after successful authentication
What does not work:
Subsequent requests to routes that are protected by the following middleware: auth:sanctum all result in unauthenticated responses. The HTTP requests never make it to my controllers.
auth:sanctum protected routes
But I can see in the developer's console that the cookies are being sent. So I don't understand why Sanctum isn't picking up the auth
I've followed several tutorials and I can't seem to understand why Laravel's Authenticate middleware is unable to see that I've already authenticated my user.
Does anyone know what I could be doing wrong?
The answers provided by @agm1984 and @Eden Webstudio were quite useful. However, they did not solve my issue.
After additional debugging, I noticed that sanctum's guard logic looks for a guard in
config/sanctum.php
. Its default value is web. My default guard for the protected routes is the api guard which is the guard that I used during the authentication process.
After setting the guard key in config/sanctum.php with 'api' the authentication seems to be working smoothly. To be honest, I can't remember why I decided to the session driver for my api guard.
config/sanctum.php
config/auth.php
Laravel Sanctum doesn't appear to support wildcard domains for the SPA.
Try removing the dot.
SANCTUM_STATEFUL_DOMAINS='appname.local'
You may need a different solution for wildcard subdomains. You could look at bearer token option. I haven't tested this though.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With