I'm using a middleware for handle https over Cloudflare, this is the code:
if(env('I_AM_BEHIND_CLOUDFLARE'))
$request->setTrustedProxies( [ $request->getClientIp() ] );
if (!$request->secure())
return redirect()->secure($request->getRequestUri());
return $next($request);
this code was working before my last composer update that updated symfony component of laravel. it shows an exception about InvalidArgumentException.
symfony in last update changed setTrustedProxies() function that requires second parameter as known headers.
Question: How should I set this second parameter?
You should pass as second argument either of Request::HEADER_X_FORWARDED_ALL or Request::HEADER_X_FORWARDED_FOR
Reference: https://github.com/symfony/symfony/blob/master/src/Symfony/Component/HttpFoundation/Request.php#L575
Related
I'm using Laravel 8 for my backend and I'm trying to store my auth token in a cookie.
I want to set that cookie in my controller response, and I'm trying this way:
return response()->cookie('token', $tokenResult->accessToken, 10000);
The problem here is that Laravel can not find cookie method.
According to Laravel 8 documentation, cookie() is a method from ResponseTrait, but Laravel is trying to get it from Macroable trait:
BadMethodCallException: Method Illuminate\Routing\ResponseFactory: :cookie does not exist. in file /var/www/html/t2t-api/vendor/laravel/framework/src/Illuminate/Macroable/Traits/Macroable.php
How could I solve this issue? Thank you.
P.S.
It seems to work if I add a parameter to response() like this:
return response('Hello World')->cookie('token', $tokenResult->accessToken, 10000);
But I need a JSON response instead of this.
You should use cookie on a new \Illuminate\Http\Response
$response = new \Illuminate\Http\Response();
return $response->cookie("name","value",360);
I'm currently building a REST API with Laravel Lumen 8. I want to set a cookie if the user logged in successfully. I saw that in the Lumen 5.1 docs there was a section that showed how to send a cookie with the response (https://lumen.laravel.com/docs/5.1/responses#attaching-cookies-to-responses). But in the documentation for version 8 this section is missing. I also looked into the Laravel 8 docs (https://laravel.com/docs/8.x/responses#attaching-cookies-to-responses) and tried the following things in my routes/web.php file:
Attempt 1
$router->get('/test', function () {
return response('Hello World')->cookie(
'name', 'value', 60
);
});
But then I get the following error:
Argument 1 passed to
Symfony\Component\HttpFoundation\ResponseHeaderBag::setCookie() must
be an instance of Symfony\Component\HttpFoundation\Cookie, string
given
Attempt 2
use Illuminate\Support\Facades\Cookie;
$router->get('/test', function () {
Cookie::queue('name', 'value', 60);
return response('Hello World');
});
Error message: Target class [cookie] does not exist.
Attempt 3
$router->get('/test', function () {
$cookie = cookie('name', 'value', 60);
return response('Hello World')->cookie($cookie);
});
Error message: Call to undefined function cookie()
Attempt 4
use Symfony\Component\HttpFoundation\Cookie;
$router->get('/test', function () {
return response(null)->withCookie(new Cookie('name', 'value'));
});
This solution works, but if i set the third parameter like this new Cookie('name', 'value', 60), I don't get an error message but the cookie doesn't get set anymore.
And I'm also a bit sceptical because I never saw this in any official docs but only in this stack overflow question: Set cookie on response in lumen 5.6.
These weren't the only things I tried but nothing worked so far. Setting a cookie should be such an easy thing but I just can't achieve it. I'm pretty new to Laravel/Lumen, has it something to do with the new Version 8? Or what else am I doing wrong?
I've had the same issue, this is not pretty but it fixed it for me.
use Symfony\Component\HttpFoundation\Cookie;
use Symfony\Component\HttpFoundation\Response;
...
$response = new Response();
$response->headers->setCookie(Cookie::create('foo', 'bar'));
$response->send(); // <- this guy
In case you are using the jwt-auth library by Sean Tymon for JSON Web Token Authentication, this Thread may help you: https://github.com/tymondesigns/jwt-auth/issues/1594#issuecomment-395575980
Cited from the thread:
The root of the culprit I guess is that Lumen by design no longer does
cookies which I find a bit of a flaw in the light of all the blogs and
OWASP suggestions of not storing a JWT in localstorage but rather in a
httponly cookie to prevent XSS and deal with CSRF accordingly. So, the
jwt-auth doesn't include the cookie parser with the
LumenServiceProvider which is what you register in app.php as a
service provider:
$app->register(Tymon\JWTAuth\Providers\LumenServiceProvider::class);
So when you add
use Tymon\JWTAuth\Http\Parser\Cookies;
to the top of jwt-auth\src\Providers\LumenServiceProvider.php
and add
new Cookies($this->config('decrypt_cookies'))
into the array at the very end of the file
$this->app['tymon.jwt.parser']->setChain([<br>
new AuthHeaders,
new QueryString,
new InputSource,
new LumenRouteParams,
new Cookies($this->config('decrypt_cookies')),
]);
then you should be able use the cookie authentication in Lumen as
well.
Call to Laravel API with parameter gets an error of 404: page not found, But while removing the parameter It works fine.
API.php have the following code
Route::get('Parties/{aToken}',"CustomerController#apiParties");
The controller has the following Code
function apiParties(request $request,$token){
$parties = DB::table('parties')
->Where("status","1")
->get()
->take(20);
return json_encode($parties);
}
Tried too many things but not working. I'm working on the server, not in localhost so don't have a terminal.
Change this
->get()->take(20);
to
->take(20)->get();
more fluently :
return DB::table('parties')
->Where("status","1")
->take(20)
->toJson();
Only use Request when you need it, i see that you not really use it on this scope of code. And make sure you already import DB Facades correctly :
use Illuminate\Support\Facades\DB;
If you want to make the parameter optional then add ? before the close brace.
Second thing is that you need to use Request $request starting with capital letter.
Always use small letters in the URLs and for the parameters.
Also, the parameter in the controller method should be Request instead of request.
I'm trying to add login with social media
I'm using Laravel 7 and socialite for login.
It was working at first but after the first time I'm getting following error:
Laravel\Socialite\Two\InvalidStateException
vendor/laravel/socialite/src/Two/AbstractProvider.php:210
I have read this question Laravel Socialite: InvalidStateException but I couldn't solve the problem.
I would appreciate any help
In my case the same error was caused by adding a reserved word parameter "state" to the ->with() method. I did:
return Socialite::driver('twitch')
->with(['state' => 'randomstate'])
->redirect();
Removing that helped.
I had the same issue, but only when running the application (Laravel 8) on the production host.
The problem was the enforcement of a restrictive Resource Isolation Policy from the provider, which discarded all input parameters for requests having a sec-fetch-site:cross-site header (which is the case of an OAuth2 redirect).
To verify if this is your case, it is enough to check the contents of the Request coming to your endpoint function: if the following code prints an empty array, you probably have to check your web server configurations.
public function socialCallback(Request $request) {
// Those two lines are just for debug, to be removed
print_r($request->all());
exit();
Socialite::driver('google')->user();
}
Here, more informations about sec-fetch-site.
I followed the instructions here
https://laraveltips.wordpress.com/2015/06/15/how-to-make-user-login-and-registration-laravel-5-1/
for setting up login and registration.
Login and registration works correctly, but when I click on Forgot Password, I get the following exception :
ErrorException in ResetsPasswords.php line 104: Argument 1 passed to
App\Http\Controllers\Auth\PasswordController::showResetForm() must be
an instance of Illuminate\Http\Request, null given, called in
ResetsPasswords.php on line 92 and defined
Not sure what is causing this since the request object seems to be getting passed in correctly
public function getReset($token = null)
{
return $this->showResetForm($token);
}
I am running laravel 5.2.6
If it says it needs 'an instance of Illuminate\Http\Request' then pass it one.
public function getReset(Request $request, $token = null)
{
return $this->showResetForm($request, $token);
}
In the laravel 5.2.6 tag there seems to be a bug in the ResetsPassword trait I had the some problem lookup the ResetsPassword.php on github and use the tag v5.2.6 and you will see that the Request is not passed to the showResetForm method you can fix this by manually adding it to the ResetsPassword trait but it would be better to just checkout laravel 5.2 in your composer file.
So in your composer.json it now probably looks like this for you.
"laravel/framework": "5.2.*"
But when you change it to
"laravel/framework": "5.2"
and run composer update
It should be fine atleast it worked for me. An alternative is to use the solution lagbox provided but then you have to change it manually on your server.