Login error "The given data was invalid" - device_name: 'mobile_app'

[robbykrlos]

This is a bug/question.

Prerequisites

• [4.4.0] Are you running the latest version?
• [x] Are you reporting to the correct repository? (enso is made of many specialized packages: https://github.com/laravel-enso)
• [x] Did you check the documentation?
• [x] Did you perform a cursory search?

Description

I feel like this is not an Enso-bug, but some kind of bad configuration, or maybe missed upgrade step, but we have a problem with the login. This does not happen after an upgrade - we cannot find a trigger point for this behavior:

"The given data was invalid"

We've done some research and all comes done to this:

client/node_modules/@enso-ui/auth/src/bulma/pages/auth/components/AuthForm.vue

loginParams() {
            const { email, password, remember } = this;
            const params = { email, password, remember };

            return this.isWebview
                ? { ...params, device_name: 'mobile_app' }
                : params;
        },

It seems that the device_name is not set if this.isWebview is false.

The dirty fix we made so that we can still test out app, was to force device_name:

? { ...params, device_name: 'mobile_app' }
-                : params;
+                : { ...params, device_name: 'web_app' };

And this fixes the problem, but we still do not understand what we did that out of the sudden this did not work anymore. Even more, there is some more strange behavior:

• one one environment, the yarn serve gave this error on login but if I ran it over apache only with yarn build optimized js chunk files, it was working. At this stage I thought the problem was from node_modules files, maybe some corrupted yarn cached files, and a refresh on node_modules fixed it.
• later on a different environment Chrome worked on both yarn serve and apache only, but firefox not. And this made me crazy:)

I tried to search more for "device_name" or "mobile_app" in enso FE and BE code to fine a meaning and an explanation but found only : vendor/laravel-enso/core/src/Http/Controllers/Auth/LoginController.php

protected function validateLogin(Request $request)
    {
        $attributes = [
            $this->username() => 'required|string',
            'password' => 'required|string',
        ];

        if (! $request->attributes->get('sanctum')) {
            $attributes['device_name'] = 'required|string';
        }

        $request->validate($attributes);
    }

But then again, no config/auth.phpchanges were made, or config/sanctum.php, nothing in this direction.

We've also tried cleaning up cookies, disabled browser caching, php artisan optimize, yarn cache clean...

If you guys have some other ideas, we will appreciate it.

I really hope it's a stupid thing fixable by one small change 👍

[aocneanu]

did you configure SANCTUM_STATEFUL_DOMAINS ?

[aocneanu]

https://github.com/laravel-enso/enso/issues?q=is%3Aissue+is%3Aopen+SANCTUM_STATEFUL_DOMAINS

[robbykrlos]

did you configure SANCTUM_STATEFUL_DOMAINS ?

No, we did not.

Although it is present in the .env.example:

SANCTUM_STATEFUL_DOMAINS=localhost,127.0.0.1,127.0.0.1:8000,localhost:8080,::1

We have this omitted inside the .env.testing and .env.

Isn't this getting a default value here? config/sanctum.php

'stateful' => explode(',', env('SANCTUM_STATEFUL_DOMAINS', 'localhost,127.0.0.1,127.0.0.1:8000,::1')),

Should we have set this to our yarn and apache domains ? Ex 127.0.0.1:8082 (yarn) and 127.0.0.1:8081 (apache)?

I'm trying it now...

[robbykrlos]

I've configured

SANCTUM_STATEFUL_DOMAINS=127.0.0.1:8082,localhost:8082,127.0.0.1:8081,localhost.lbenso:8081

Exactly how my local yarn and apache are accessed by me or API calls (Request URL: http://localhost:8082/api/login Request Method: POST)

And :

php artisan optmize (for config re-cache)

but the problem is still there.

I'm starting to read more about Sanctum ... tbh I lack some deeper knowledge about it.

[robbykrlos]

I'm backtracking possible mistakes on our upgrade steps:

https://github.com/laravel-enso/enso/releases

4.1.0 ... documentation _added extra instructions regarding Sanctum's SANCTUM_STATEFULDOMAINS env value

---

https://docs.laravel-enso.com/guide/getting-started.html#installation-steps

Important: once you're chosen your app's name and set the APP_URL in your .env file, make sure you also add the domain to the list of domains in the SANCTUM_STATEFUL_DOMAINS. For example:

... APP_URL=http://enso.test ... SANCTUM_STATEFUL_DOMAINS=localhost,127.0.0.1,127.0.0.1:8000,localhost:8080,::1,enso.test

---

OK, I confirm that we missed this configuration, and corrected it now.

LE: we figured out that my initial configuration for the SANCTUM_STATEFUL_DOMAINS was not according to documentation, because I removed the default values.

Before (still not working, containing only the yarn and apache URLs)

SANCTUM_STATEFUL_DOMAINS=127.0.0.1:8082,localhost:8082,127.0.0.1:8081,localhost.lbenso:8081

After (working - containing initial defaults + yarn and apache custom URLs)

SANCTUM_STATEFUL_DOMAINS=localhost,127.0.0.1,127.0.0.1:8000,localhost:8080,::1,localhost:8082,localhost.lbenso:8081

Thanks for your support. Seems that we needed a nudge in this directions.

[robbykrlos]

https://github.com/laravel-enso/enso/issues?q=is%3Aissue+is%3Aopen+SANCTUM_STATEFUL_DOMAINS

Oh, feel bad now. Sorry for wasting your time.

That's why I always tell people to also copy paste the text of the error, not just the picture. I did the search on issues, but used the wrong keywords.

Thanks, I'll shut up now :D

[aocneanu]

np @robbykrlos