Category : bearer-token

My API root is like this : http://localhost/cloud/website/api/v1/ I am trying to get a response from API but keep getting 500 SERVER ERROR. $token =’24|cbG3w1ONkxxeUBhLCGwFjOSLk……’; $response = $client->request(‘GET’, ‘http://localhost/cloud/website/api/v1/entries?perPage=50’, [ ‘headers’ => [ ‘Authorization’ => ‘Bearer ‘.$token, ‘Accept’ => ‘application/json’, ], ]); return $response->body(); But when I request on Postman then it gives me a ..

Read more

I am manually suspending an account and by the middleware i revoke a token. The access token get sucessfully revoked which was confirmed by oauth_access_token table revoked column marked as "1". Once i remove the suspension of the "account" it’s succesfully logged in. But once i logged in i can’t able to use the new ..

Read more

Laravel Jwt API testing with external Vue app. When I add authorization from dropdown it is working fine. see below But same thing is do in Axios(in my vue app) using header config, but does not work and show invalid token. here is the code const token = localStorage.getItem("jwtToken");if (token){axios.defaults.headers.common["Authorization"] = "Bearer " + token;} ..

Read more

Im confused after a lot of reading i think that ive understand less than before!!!! I’ve my passport configured on laravel 8: ‘api’ => [ ‘driver’ => ‘passport’, ‘provider’ => ‘users’, ], So Im serving via these routes, login. logout and registration: Route::post(‘/register’, [AuthController::class, ‘register’] ); Route::post(‘/login’, [AuthController::class, ‘login’]); Route::post(‘/logout’, [AuthController::class, ‘logout’]); and the AuthController ..

Read more

TL;DR: If a bearer-token request hits an endpoint with route-model-binding but with an incorrect token, the response should be 401 instead of 404. It is 404 though because the model is resolved before the token is checked. Environment: Laravel 8 Sanctum bearer token-authentication for API-requests; There is no SPA involved. using implicit route-model-binding My problem: ..

Read more

I have some questions related to Sanctum’s API token authentication. My frontend runs on a different domain than my backend. In the future, the frontend will even be compiled to an .apk for mobile. So I need a stateless API (possible with API token authentication), right? Everything that’s CSRF related I may abandon then? That ..

Read more

I watched this tutorial for api token authentication with laravel sanctum. When logging in, I retrieve a Bearer token which I add to the axios header. But when trying to fetch the user via /api/user, I get a 401. Notice that I don’t use CSRF tokens since I’m using Sanctum Api Token Authentication and not ..

Read more

Here is a code in config/auth.php ‘guards’ => [ ‘web’ => [ ‘driver’ => ‘session’, ‘provider’ => ‘users’, ], ‘api’ => [ ‘driver’ => ‘jwt’, ‘provider’ => ‘users’, ‘hash’ => false, ], ‘client’ => [ ‘driver’ => ‘jwt’, ‘provider’ => ‘clients’, ] ], ‘providers’ => [ ‘users’ => [ ‘driver’ => ‘eloquent’, ‘model’ => AppUser::class, ..

Read more