Guard Login/attempt.

[mennovanhout]

• Sanctum Version: 2.7.0
• Laravel Version: 8.*
• PHP Version: 7.4
• Database Driver & Version: Mysql 5.7

Description:

This is a bug and/feature request i guess. For the loginController i am overiding the attemptLogin method because I need to compare the credentials with an API. This is where i discoverd the "bug" after debugging a couple of hours.

$this->guard()->login();

Does not work with sanctum SPA. This will login the user and sucessfully finish the request but all calls after the login will return 401.

If you use

$this->guard()->attempt();

There is no issue what so ever.

I feel like that this is a bit strange because both methods login succesfully.

Steps To Reproduce:

Copy and paste this method inside LoginController.php

private function attemptLogin(Request $request)
{
    $user = User::updateOrCreate(
        ['username' => $request->get('username')],
        [
            'username' => $request->get('username'),
            'password' => Hash::make($request->get('password'))
        ]
    );

    $this->guard()->login($user, true);

    return true;
}

[driesvints]

Thanks but I don't think we need to change anything here at this time.

[mennovanhout]

@driesvints Thanks for you fast answer. Could you maybe explain me why this wouldn't be logical? I'd like to know the mindset behind this.

[driesvints]

We haven't had any reports on this being a problem for other users. Most likely I suspect there's something wrong in your app.

[mennovanhout]

We haven't had any reports on this being a problem for other users. Most likely I suspect there's something wrong in your app.

Thanks for the reply. I tried it with a brand new laravel instance. And it still is an issue. Probably no-one uses the login method from the guard. But I've created a workaround.