Trying to use Postman to test my app.
Got an access_token and id_token by posting to /oauth/ro using a test use I created on Auth0's dashboard.
Now in the seed project there's this route /api/protected and I'm trying to do a GET request on it using Postman.
This guide says just add this header authorization": "Bearer YOUR_ID_TOKEN_HERE"
I did but I always get Unauthorized User
tried to tinker and found out it's looking for config('laravel-auth0.secret_base64_encoded')
tried to use this and manually execute the $verifier->verifyAndDecode($encUser);
but before that, i set secret_base64_encoded to false and it worked!
EDIT: The seed project on their quickstart is OLD find the new one
Related
I'm currently toying with Laravel 9.x and Fortify.
For the starter here my environnement :
Laravel 9.19
Fortify 1.14
Postgre 15
I try to achieve something I thought was possible from reading the Fortify doc, using a third-party UI (e.g.: Mobile App) to register and login user.
So, following the documentation guide I deactivated the views generation, and migrated the tables and launched my test server using php artisan serve.
Then I try using postman to post the following json to the /register route provided by Fortify.
Postman has been setup with the following headers:
Content-Type: application/json
Accept: application/json
{
"name": "test1",
"email": "test1#example.com",
"password": "MyPassw0rd!",
"password_confirmation": "MyPassw0rd!"
}
The response returned by the request was an error 419 CSRF Token mismatch, which I understand since Laravel enforce the use of CSRF token.
Therefor I tried to add the /register route to the except array inside the middleware VerifyCsrfToken and tried again and this time I got a 201 created response.
From my understanding since the /register route exists within the web guard hence the CSRF token mechanic.
Since my final goal is to use Fortify with third-party frontend, how can achieve that without putting the route inside the except array (if possible)?
Is there a parameter to change inside config/fortify.php to allow this behavior?
Thanks for reading.
After playing I found the solution inside the middleware section of config/fortify.php
Replacing
middleware => ['web'],
with
middleware => ['api'],
Allow to user the register route without having to deactivate the CSRF on the route .
I created the custom basic auth in laravel. But, whenever I try to authenticate, there's a 400 bad request error. Authorization header comes out well like "basic base_encode64 (username: password)" If I exclude that header, 401 error comes out as I intended from the code I made... If I put in the Authorization header, I can't even access the code I made. But when I try it on phpunit or xdebug, I can authenticate well even if I have an Authorization header. I think an error appears when I try with a docker, but what setting should I change for authenticate?
The best way in laravel 8 for the authentication is to use Laravel Fortfify (https://laravel.com/docs/8.x/fortify#introduction). you can just follow the documentation and you have all the logic ready for register new users authentication and logout.
I'm struggling to get this done.
I have executed php artisan make: auth and the web-pages work perfectly, but now I want to use this using the API.
If I just try localhost/password/reset I get an HTML-page with the text: "The page has expired due to inactivity. Please refresh and try again.".
If I add the header Accept: application/json I get a HttpException and it's not clear to me why I get that exception
I found this question but it doesn't help me
I want to keep using Passport and not JWTAuth
I'm new to laravel4.2 trying to create a RESTFUL API, but getting error when I'm trying to hit URL{localhost/TPM/public/api/books} in postman.
what would be the URL for this??
Controller:
Router:
Try with return Response::json(['result' => true]); in your index method.
In addition, you can check the logs file for clues of what's going on in storage/logs/laravel.log.
I think in Laravel 4.2 you needed to perform a composer dump-autoload if created new classes but not sure.
Laravel noob here.
I'm getting a response "Authentication failed! Facebook returned an invalid user id.". I believe I followed this example correctly.
1. My Website with Facebook Login is set to http://localhost.com
2. HybridAuth config. Base url is set to http://localhost.com/laravel4/public/social/auth/
3. I tried running samples from HybridAuth on the same server, same facebook app id and app secrete; all seems to work okay except when using Laravel framework.
4. Ran updates (Laravel 4 and HybridAuth).
I would appreciate any ideas.
Is there a trailing slash in the base_url variable of your hybridauth config? Removing it fixed the problem on my end.
# app/config/hybridauth.php
return array(
"base_url" => "http://your.site.com/social/auth",
...
);