when I use auth api gaurd for logout route. I am facing with the following Exception
Auth guard [:api] is not defined
I have already implemented registration login Apis but I am facing this error with logout api which I had protected using auth::api
config.auth file
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'api' => [
'driver' => 'passport',
'provider' => 'users',
],
],
api.php
Route::group(['prefix'=>'auth'],function(){
Route::post('login','AuthController#login');
Route::post('signup','AuthController#signup');
Route::group(['middleware' => 'auth::api'], function () {
Route::get('logout','AuthController#logout');
Route::get('user','AuthController#user');
});
});
I should be able to logout the user
If you are using Laravel 9+ and Passport, you need to implemented this inside the guard array on config/auth.php file:
'guards' => [
...
// you need to implement this
'api' => [
'driver' => 'passport',
'provider' => 'users',
'hash' => true,
],
],
You have an extra colon in your code, that's why it is trying to find the guard :api.
According to the docs:
Middleware parameters may be specified when defining the route by
separating the middleware name and parameters with a :. Multiple
parameters should be delimited by commas:
Route::put('post/{id}', function ($id) {
//
})->middleware('role:editor');
So in your case it would be:
Route::group(['prefix' => 'auth'], function () {
Route::post('login','AuthController#login');
Route::post('signup','AuthController#signup');
Route::group(['middleware' => 'auth:api'], function () {
Route::get('logout','AuthController#logout');
Route::get('user','AuthController#user');
});
});
I had the same issue, it seems that i forgot to change Authentication Defaults
so in config/auth.php change this
'defaults' => [
'guard' => 'web',
....
],
into this
'defaults' => [
'guard' => 'api',
....
],
Related
Using passport for api authentication, everything working fine, I can create token, revoke and etc but problem is it won't expire.
AuthServiceProvider.php
public function boot()
{
$this->registerPolicies();
if (! $this->app->routesAreCached()) {
Passport::routes();
Passport::tokensExpireIn(Carbon::now()->addMinute(1));
Passport::refreshTokensExpireIn(Carbon::now()->addDays(30));
Passport::personalAccessTokensExpireIn(Carbon::now()->addMinute(1));
}
}
auth.php
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'api' => [
'driver' => 'passport',
'provider' => 'sellers',
'hash' => false,
],
],
api.php
Route::middleware('auth:api')->group(function () {
... routes...
It should expire token after 1 minute! but nothing happen, still can access to those protected routes, I'm not laravel expert, should I do something more? or I missed something to do?
I have use jwt.auth in Laravel Auth for API, token successfully generated by login but the bearer token not validated for other jwt.auth middleware.
API Route
Route::group(['middleware' => ['api'], 'namespace' => 'Api'], function(){
Route::group(['prefix' => 'user','middleware' => ['assign.guard:user']],function ()
{
Route::post('register', [App\Http\Controllers\UserController::class, 'register']);
Route::post('login', [App\Http\Controllers\UserController::class, 'login']);
Route::post('/logout', [App\Http\Controllers\UserController::class, 'logout'])->middleware('jwt.auth');
Route::post('/refresh', [App\Http\Controllers\UserController::class, 'refresh'])->middleware('jwt.auth');
Route::get('/user-profile', [App\Http\Controllers\UserController::class, 'userProfile'])->middleware('jwt.auth');
Route::post( 'send-inquiry', [App\Http\Controllers\API\InquiryController::class, 'store'])->middleware('jwt.auth');
});
});
config/app.php
'providers' => [
Tymon\JWTAuth\Providers\LaravelServiceProvider::class,
],
'aliases' => [
'JWTAuth' => Tymon\JWTAuth\Facades\JWTAuth::class,
'JWTFactory' => Tymon\JWTAuth\Facades\JWTFactory::class,
],
config/auth.php
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'api' => [
'driver' => 'jwt',
'provider' => 'vendors',
],
'vendor' => [
'driver' => 'jwt',
'provider' => 'vendors',
],
'user' => [
'driver' => 'jwt',
'provider' => 'users',
],
'admin' => [
'driver' => 'session',
'provider' => 'admins',
],
],
Middleware File : app/Http/Middleware/AssignGuard.php
<?php
namespace App\Http\Middleware;
use Closure;
use Illuminate\Http\Request;
class AssignGuard
{
public function handle($request, Closure $next, $guard = null)
{
if($guard != null)
auth()->shouldUse($guard);
return $next($request);
}
}
Please help.
Thanks in Advance..
You need to send authorization token in the header. You might need to modify your Apache settings to allow for authorization headers to be sent.
Authorization: Bearer {yourtokenhere}
You can modify your .htaccess file with:
RewriteCond %{HTTP:Authorization} ^(.*)
RewriteRule .* - [e=HTTP_AUTHORIZATION:%1]
I'm working on a Laravel 8 project with Inertia.js. In the login function, I can use Auth::user() to get the user. However, after login, the other functions get a null in Auth::user(). I'm not sure what's wrong. Can someone help me?
I considered that Laravel Auth uses sessions to recognize the current user, so I tried to list session by dd($request->session()->all()); before and after login. And the session value of "_token" does not change.
Login function
public function handleProviderCallback(Request $request)
{
// user from socialite
$user = \Socialite::with('portal')->user();
// user here in database
$account = User::where('account', $user->id)->first();
if (!$account) {
User::create([
'account' => $user->id,
]);
$account = User::where('account', $user->id)->first();
}
Auth::login($account);
//dd(Auth::user());
return Inertia::render('Home/index');
}
function which gets null
public function getUser(Request $request)
{
dd(Auth::user());
return Auth::user();
}
Here is some information that may or may not is needed.
web.php
Route::get('/login', 'Auth\PortalLoginController#redirectToProvider')
->name('login');
Route::get('getUser', ['as' => 'getUser',
'uses' => 'Auth\PortalLoginController#getUser']);
Route::get('session', ['as' => 'session',
'uses' => 'Auth\PortalLoginController#listSession']);
auth.php
return [
'defaults' => [
'guard' => 'web',
'passwords' => 'users',
],
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'api' => [
'driver' => 'token',
'provider' => 'users',
'hash' => false,
],
],
'providers' => [
'users' => [
'driver' => 'eloquent',
'model' => App\Models\User::class,
],
],
'passwords' => [
'users' => [
'provider' => 'users',
'table' => 'password_resets',
'expire' => 60,
'throttle' => 60,
],
],
'password_timeout' => 10800,
];
Laravel needs auth middleware to check authentication and initialize Auth service. So you need to add auth middleware to all your routes which you want to access Auth::user()
So update your routes in routes/web.php
Route::get('/login', 'Auth\PortalLoginController#redirectToProvider')->name('login');
Route::get('getUser', ['as' => 'getUser', 'uses' => 'Auth\PortalLoginController#getUser'])->middleware('auth');
Route::get('session', ['as' => 'session', 'uses' => 'Auth\PortalLoginController#listSession'])->middleware('auth');
'Route [login] not defined ..'
I'm new to Laravel. I want to make a login system myself, but I still have not solved this error. I am logging in but the user appears blank on the other page, I still cannot control it. I want to use the user restrictions on other pages, how can I do this.
web.php
Route::post('login', [userLogin::class, 'loginPost'])->name('login.post');
Route::get('student/home', [studentHome::class, 'index'] )->name('student.home')->middleware('auth:students');
Route::get('/', function () {
return view('login');
userLoginController.php
public function loginPost(Request $request)
{
if(auth::guard('students')->attempt(['email'=>$request->student_mail,'password'=>$request->student_password],false))
{
//dd(Auth::guard('students')->check());
return redirect()->intended('student.home');
}
else
{
echo "yannlış";
}
}
auth.php
'defaults' => [
'guard' => 'web',
'passwords' => 'users',
],
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'students' => [
'driver' => 'session',
'provider' => 'students',
],
'api' => [
'driver' => 'token',
'provider' => 'users',
'hash' => false,
],
],
'providers' => [
'users' => [
'driver' => 'eloquent',
'model' => App\Models\User::class,
],
'students' => [
'driver' => 'eloquent',
'model' => App\Models\students::class,
],
You are missing the login route which is used to display the login form. Try naming your root:
Route::get('/', function () {
return view('login');
})->name('login');
Or you can add a separate route depending on what you are looking for.
Route::get('login', [UserLogin::class, 'showLoginForm'])->name('login');
I run into this error when i was learning creating an API using laravel passport middleware, it redirects by default to the GET login route, so i had to add like the previous comment said in my web.php.
Route::get('/login', function () {
return view('login');
})->name('login');
I have two routes as follow:
Route::GET('admins/', 'UserController#index')->middleware('jwt.auth');
Route::GET('visitors', 'UserController#indexVisitors')->middleware('jwt.auth');
And I have guards in auth.php:
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'api' => [
'driver' => 'jwt-auth',
'provider' => 'users',
],
'visitor_api' => [
'driver' => 'jwt-auth',
'provider' => 'visitors',
],
],
I tried to specify the guard in the middleware but it doesn't work.
Route::GET('visitors', 'UserController#indexVisitors')
->middleware('jwt.auth.visitors_api');
If you would like to set a default guard through out the Route::group then you can use below syntax
Route::group(['middleware' => ['web','auth:visitor_api'], 'prefix' => 'visitor'], function() {
Route::get('/home', 'VisitorController#index')->name('home');
Route::get('/list', 'VisitorController#list')->name('list');
});
after this you can use Auth::id() instead of Auth::guard('visitor_api')->id() in your VisitorController.
I think this is what you want
Route::GET('visitors', 'UserController#indexVisitors')->middleware('auth:visitors_api');
You can specify a guard by passing it as a parameter (after the colon character)
You can refer to the laravel documentation:
https://laravel.com/docs/5.6/authentication
Under Authentication Quickstart > Protecting Routes > Specifying A Guard