RTippin / messenger

Laravel messenger. A full messenger suite for your new / existing laravel app! Private and group threads between multiple models, with real-time messaging, reactions, attachments, calling, chat bots, and more!
https://tippindev.com
MIT License
417 stars 84 forks source link

xxxxxxx could not be authenticated to private-messenger.user.xxxx #7

Closed lps83 closed 3 years ago

lps83 commented 3 years ago

Hi, I still have a lot of issue to add your package to my project. It's exactly what I'm looking for, so I don't want to give up ! I tried to use your demo, but I still have an issue with Laravel Echo server. I followed all the doc to make sure I copy paste the appId/Key from Laravel-echo-server.json to the .env ... but I still have an error :/

`

sylvain@MBP-de-Sylvain messenger-demo-master % laravel-echo-server start

L A R A V E L E C H O S E R V E R

version 1.6.2

⚠ Starting server in DEV mode...

✔ Running at localhost on port 6001 ✔ Channels are ready. ✔ Listening for http events... ✔ Listening for redis events...

Server ready!

[19:23:16] - Preparing authentication request to: http://localhost:8000 [19:23:16] - Sending auth request to: http://localhost:8000/api/broadcasting/auth

⚠ [19:23:16] - lMUUODNNsfLdEssOAAAG could not be authenticated to private-messenger.user.932a7ac2-2b7c-409b-be43-110e8055b12a {"message":"Unauthenticated."} Client can not be authenticated, got HTTP status 401 [19:23:16] - Preparing authentication request to: http://localhost:8000 [19:23:16] - Sending auth request to: http://localhost:8000/api/broadcasting/auth

⚠ [19:23:16] - BG4LhvClClJ3FMKCAAAH could not be authenticated to private-messenger.user.932a7ac2-2b7c-409b-be43-110e8055b12a {"message":"Unauthenticated."} Client can not be authenticated, got HTTP status 401 [19:23:17] - Preparing authentication request to: http://localhost:8000 [19:23:17] - Sending auth request to: http://localhost:8000/api/broadcasting/auth

⚠ [19:23:17] - IlWDQbzsyuzSM1EcAAAI could not be authenticated to private-messenger.user.932a7ac2-2b7c-409b-be43-110e8055b12a {"message":"Unauthenticated."} Client can not be authenticated, got HTTP status 401 Channel: private-messenger.user.932a7ac2-2b7c-409b-be43-110e8055b12a Event: thread.read Channel: private-messenger.user.932a7ac2-2b7c-409b-be43-110e8055b12a Event: thread.read Channel: private-messenger.user.932a7ac2-2b7c-409b-be43-110e8055b12a Event: thread.read `

It's driving me crazy because all the rest works perfectly.

thanks for your work and your help !

RTippin commented 3 years ago

Can you confirm that within the messenger.php config, the channels array is set to use the same middleware you are using for auth? Default is:

        'channels' => [
            'enabled' => true,
            'domain' => null,
            'prefix' => 'api',
            'middleware' => ['web', 'auth', 'messenger.provider:required'],
        ],

If you are using passport or other means for authentication, you may need to update that. You can also hop onto my demo website and we can chat there and I can help you debug it.

lps83 commented 3 years ago

Can you confirm that within the messenger.php config, the channels array is set to use the same middleware you are using for auth? Default is:

        'channels' => [
            'enabled' => true,
            'domain' => null,
            'prefix' => 'api',
            'middleware' => ['web', 'auth', 'messenger.provider:required'],
        ],

If you are using passport or other means for authentication, you may need to update that. You can also hop onto my demo website and we can chat there and I can help you debug it.

Thanks for your reply. I cloned your demo repo and didn't change anything. I checked the messenger.php it looks good.

RTippin commented 3 years ago

I cannot replicate your issue without more information. I just did a fresh install of my demo app following my readme. Your problem is not a bug or anything with my package, so I am closing this issue. If you want me to help you debug it, I ask again, please visit my demo site tippindev and chat with me live, or email me at tippindev@gmail.com as I will not wait a day between each reply here.

Also, please check that your echo server json looks similar to the one I just generated:

{
    "authHost": "http://localhost:8000",
    "authEndpoint": "/api/broadcasting/auth",
    "clients": [
        {
            "appId": "457d8132f197509d",
            "key": "463ba66367d9a6b6e1d129f57976842b"
        }
    ],
    "database": "redis",
    "databaseConfig": {
        "redis": {
            "port": "6379",
            "server": "127.0.0.1"
        },
        "sqlite": {
            "databasePath": "/database/laravel-echo-server.sqlite"
        }
    },
    "devMode": true,
    "host": null,
    "port": "6001",
    "protocol": "http",
    "socketio": {},
    "sslCertPath": "",
    "sslKeyPath": "",
    "sslCertChainPath": "",
    "sslPassphrase": "",
    "subscribers": {
        "http": true,
        "redis": true
    },
    "apiOriginAllow": {
        "allowCors": true,
        "allowOrigin": "http://localhost:8000",
        "allowMethods": "GET, POST",
        "allowHeaders": "Origin, Content-Type, X-Auth-Token, X-Requested-With, Accept, Authorization, X-CSRF-TOKEN, X-Socket-Id"
    }
}
RTippin commented 3 years ago

Adding for others who see this: Your socket endpoint MUST be the same as the domain you serve your laravel app from. If you serve from http://127.0.0.1 for example and not http://localhost, the env should match:

MESSENGER_SOCKET_ENDPOINT=http://127.0.0.1:6001
SOCKET_APP_HOST=http://127.0.0.1
ajnozari commented 3 years ago

Additionally if you use browser sync or the like you can pass an array of string URL’s that are valid. Echo knows to pick the appropriate one. This can also be done with the CORS field.

[“http://localhost:8000”, “http://local.test”, “http://127..0.0.1:8000”]

Further to avoid issues with SSL in dev environments, if you are setting up a domain that points to localhost (for Apache or Nginx) PLEASE use a domain ending in .test.

As of a few years ago Chrome and as of this past year Safari started doing DNS checks on .local and .dev domains. They also added those TLDs to the auto-redirect to https.

Normally this would not be an issue, but the browsers may try to upgrade your socket connections if you use those domains, even if you hard code it to http.