I'm new to laravel and sorry for the silly question I've posted a request via postman with two parameters,In my routes api.php file,
Route::post('/mail', 'TripsController#mail');
with header,
Accept:application/json
And exclude the token verify in VerifyCSRKToken as,
protected $except = ['api/*',
];
and my url:
http://localhost/Movecabadmin/api/mail
It returns the message as {"message":"Unauthenticated."}
Question 1:Is I need to pass any authentication value with the request?If it is then How?
Question 2:How to get the passed parameters in my controller?
You are getting this {"message":"Unauthenticated."} because the Route::post('/mail', 'TripsController#mail');
going under some kind of authentication or middleware.
Remove that and you will get your desired result.
Related
I try to access by wrong token in sanctum laravel but it return
The GET method is not supported for this route. Supported methods: POST instead of message: unauthorized. how can I solve this ?
This is my api route:
This is my controller:
and this is my result:
First of all, you talk about token, maybe you meant JWT, which is for REST and/or JSON Web-API, and normally does not allow "get" as access-method.
Your error-message simply means that the way you try to make the request is not allowed.
Hence, either allow it by replacing:
Route::get('my-url')-> ...
With:
Route::match(['get', 'post'], 'my-url')-> ...
Or change your request to make a Post request instead of a Get request.
Example how to change?!
If you did send us an example how you make a request, we could provide you how to do it right.
I am trying to get the current user in my laravel vue application. And whenever I trie to get it i am getting this error:
Symfony\Component\Routing\Exception\RouteNotFoundException: Route [login] not defined. in file C:\Users\Moeme\Documents\School\HsLeiden\Keuzevakken\IKFRAM\sla ticketsystem\ticketsystem\vendor\laravel\framework\src\Illuminate\Routing\UrlGenerator.php on line 444
This is what I am sending in postman:
This is what I have in my routes\api.php
Route::middleware('auth:sanctum')->get('/user', function (Request $request) {
return $request->user();
});
I really do not know why it is not working
Thanks for the help
Add new config at headers
"Accept"=>"application/json"
Laravel will check the configuration for "Accept", it will return the web page or html if no value is set at "Accept" by default
I got the same error when making the request only for the postman, add this to the headers
key: Accept
Value: application/json
Your URL incorrect. Remove "/" before query parameters.
https://127.0.0.1:8000/api/user?param1=value¶m2=value - this for route '/api/user' with query params "param1" and "param2"
You are trying pass headers in a query parameters. Move "Accept" and "Authorization" to "Headers" tab for requests in Postman.
I'm trying to create REST API using Laravel. I'm using JWT (Tymon\JWTAuth) to authenticate users.
Here is part of my api.php file with /api routes:
Route::middleware('auth:api')->get("match/{id}", "ApiMatchController#getMatch");
Route::middleware('auth:api')->put("match/{id}", "ApiMatchController#editMatch");
Now, I'm sending GET request to /api/match/7. Authorized user gets match details as expected. Unauthorized user is redirected to root url / but I want user to stay on the url, I just want to return HTTP code 401 - Unauthorized. Where can I change this? I can do that inside of ApiMatchController#getMatch method but I would like middleware auth:api to do that for me. Is there any way how to do this?
Then, I'm sending PUT request to /api/match/7 with some data. Request from authorized user works just fine but unauthorized user now gets HTTP code 405 - Method Not Allowed (with debug info: Symfony\Component\HttpKernel\Exception\MethodNotAllowedHttpException: The PUT method is not supported for this route. Supported methods: GET, HEAD.). Why? I cleared the route cache and as you can see, there IS a defined route in api.php. This behaviour really happens just with unauthorized user.
About the first part:
Authorized user gets match details as expected. Unauthorized user is redirected to root url / but I want user to stay on the url, I just want to return HTTP code 401 - Unauthorized. Where can I change this?
This is because your default guard is web, so in that case when a user tries to access a protected route it will be redirected to the home page (by default, this can also customized of course).
To change the default guard to api go to config/auth.php and change it like this:
'defaults' => [
'guard' => 'api',
'passwords' => 'users',
],
Note: When making HTTP Requests, add this headers:
/** The following tells Laravel that you want a response in json format. */
Accept: application/json
/** The following is for POST/PUT/PATCH requests, it tells the request payload format. */
Content-type: application/json
About the second part:
Request from authorized user works just fine but unauthorized user now gets HTTP code 405 - Method Not Allowed
PHP doesn't handle well the PUT/PATCH/DELETE methods, in order to bypass this inconvinience do a POST request and then add a hidden _method field to the form.
The value sent with the _method field will be used as the HTTP request method:
Request body (the method is case sentitive):
Endpoint:
/api/match/7
Headers:
Accept: application/json
Content-type: application/json
Payload or Body:
_method: PUT
...
I have tried the combination of authorize method under controller, and Throwable mentioned in laravel docs:
https://laravel.com/docs/8.x/errors
try{
$this->authorize('create',Client::class);
} catch(Throwable $e)
{
echo $e->getMessage();
return false;
}
you can use same approach for your api responses.
Im using Laravel 5.8 and I got the following situation:
I have a simple form with a button which sends a delete request to a route. The form works like this: When the button is pressed, the form's action redirects me to the URL localhost/delete/4 where 4 is the id of the entry in the database, and there the route kicks in and the controller deletes my entry.
However, unauthenticated users do not have access to the form's button, and the route is protected by the middleware 'auth'.
But, if I, as an unauthenticated user, type in the adress bar localhost/delete/4, I get a method unsupported error, which is expected because I send a get request to a delete type route.
But my question is why do I get this error at all? Since the route is protected by the middleware against unauthenticated users, why does the request reach the route since it should be blocked by the middleware?
Below you got the route:
Route::delete('/delete/{id}', ['uses' => 'LibraryController#getLibraryDelete', 'middleware' => 'auth']);
Oh, as a side note, if a change the route to receive get requests, and try again, the middleware works fine
The route is checked first before going to the middleware and controller...
So if the route was not found actually the script doesn't know which middleware or controller to go to...
--
Here is a good use case for example someone want to define the following routes
Route::get('/question/{id}', 'QuestionController#view');
GET /question/1 is public for all users and returns the question itself (read only)
but
Route::patch('/question/{id}', 'QuestionController#edit')->middleware('auth');
PATCH /question/1 is only authenticated user can edit question...
So it's acceptable that different methods can have different middlewares or no middlewares for the same route...
And that some methods are not defined/allowed
--
The method is unsupported because your defined route is for deletes only as in ::delete method you used
Delete request is either a HTTP POST request with a query called "_method" and value "delete" or in supported browser an HTTP DELETE request
When the user type the url manually in their address bar it's a GET request which can be handled by this route method ::get
Available routing methods from latest documentation: (https://laravel.com/docs/5.8/routing)
Route::get($uri, $callback);
Route::post($uri, $callback);
Route::put($uri, $callback);
Route::patch($uri, $callback);
Route::delete($uri, $callback);
Route::options($uri, $callback);
Plus special route ::any which accepts any method
In laravel if the user reach a url that is defined but with a Method that's not defined in routes you get this "Method unsupported"
The method unsupported error is irrelevant to auth middleware in this case ... it's just about routing
I am working on an Android laravel application, but I have this road problem ?? Route::post('register','Api\Auth\RegistrationController#register');
Most likely you are trying to make a GET request on POST-only route. Check your route file.
Have you put
protected $except = [
'Api/*'
];
in your VerifyCsrfToken.php file? As far as I know, APIs typically use tokens to authenticate users and do not maintain session state between requests. So try this and check your headers and body for API post request.