Closed kimnguyen-ict closed 6 years ago
@kimnguyen-ict did you manage to solve this? Facing the same problem as well even when using localhost
@lawrence615 I'm struggling with a similar problem. Have you had any luck fixing it?
This might be related to what you guys were working on. I wanted multi-auth for users for my application vs users who only use the API. Different registration, login, database table, etc. I suffered the same issue and it was due to Passport::routes(). The routes used for Passport all have ['web', 'auth'] as middleware. So it's automatically looking for the application user.
Instead of calling Passport::routes(), I copied all the routes in RouteRegistrar and changed the middle ware to ['web', 'auth:apiuser']. auth.php
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'api' => [
'driver' => 'passport',
'provider' => 'apiusers',
],
'apiuser' => [
'driver' => 'session',
'provider' => 'apiusers',
],
],
I'm using Dingo for the API, Passport for handling the user registration. After this change above, my API users can log in and see the front end panel supplied natively by Passport using Vue. There they can create clients and personal tokens.
Hope this helps.
Edit: I should mention my API is on a subdomain: api.mysite.org The api user registration/login is in the main domain: mysite.org/api Paths for Passport are on the main domain: mysite.org/oauth This was to avoid the pain in the butt that Dingo is regarding versioning when it comes to routing.
Same issue here. It's not possible for OAuth users to logout/destroy their token because curl -X DELETE ../oauth/tokens/123
returns 401 "Unauthenticated".
The issue is - as @rbruhn described - that the default guard is used for the api
middleware instead of the api
guard that lets oauth clients in. Replacing auth
with auth:api
fixed this problem.
Heya. This is sort of related to https://github.com/laravel/passport/issues/379. Going to close this atm. In the meantime you'll have to target the correct domain.
This might be related to what you guys were working on. I wanted multi-auth for users for my application vs users who only use the API. Different registration, login, database table, etc. I suffered the same issue and it was due to Passport::routes(). The routes used for Passport all have ['web', 'auth'] as middleware. So it's automatically looking for the application user.
Instead of calling Passport::routes(), I copied all the routes in RouteRegistrar and changed the middle ware to ['web', 'auth:apiuser']. auth.php
'guards' => [ 'web' => [ 'driver' => 'session', 'provider' => 'users', ], 'api' => [ 'driver' => 'passport', 'provider' => 'apiusers', ], 'apiuser' => [ 'driver' => 'session', 'provider' => 'apiusers', ], ],
I'm using Dingo for the API, Passport for handling the user registration. After this change above, my API users can log in and see the front end panel supplied natively by Passport using Vue. There they can create clients and personal tokens.
Hope this helps.
Edit: I should mention my API is on a subdomain: api.mysite.org The api user registration/login is in the main domain: mysite.org/api Paths for Passport are on the main domain: mysite.org/oauth This was to avoid the pain in the butt that Dingo is regarding versioning when it comes to routing.
@rbruhn
Hi,
Can I ask where or which file did you copy the routes from RouteRegistrar to? Did you copy them into the boot method of the AuthServiceProvider? Can you provide a snippet of how you've re-written the routes?
Cheers.
I am using multiple authentications in Laravel and personal passport grant. I make:
admin.app.dev
=> 'admin' guard;app.dev
=> 'web' guard. Everything is good in 'app.dev' except 'admin.app.dev' can not call passport routes such as:'/oauth/scopes'. That always return 401 - Unauthenticated. :( However, I still call my API routes in
routes/api.php
via 'api' guard. This is my configs:Anyone here to help me!