laravel / sanctum

Laravel Sanctum provides a featherweight authentication system for SPAs and simple APIs.
https://laravel.com/docs/sanctum
MIT License

GET api/user Unauthenticated. after success login #313

Closed RomkaLTU closed 3 years ago

RomkaLTU commented 3 years ago

Description:

Been struggling 2 days with this package, pure pain tbh. Current problem is that after a successful login the next request is GET api/user, which should return logged-in user data but returns "Unauthenticated.". I have deployed the FE and BE apps to Forge; they are on the same TLD. Tried every possible SANCTUM_STATEFUL_DOMAINS and SESSION_DOMAIN, nothing helped, but everything works on localhost. Thinking of just switching to good old JWT.

Steps To Reproduce:

Follow sanctum documentation for SPA.

driesvints commented 3 years ago

Hi there,

Thanks for reporting but it looks like this is a question which can be asked on a support channel. Please only use this issue tracker for reporting bugs with the library itself. If you have a question on how to use functionality provided by this repo you can try one of the following channels:

However, this issue will not be locked and everyone is still free to discuss solutions to your problem!

Thanks.

bat-elazrad commented 2 years ago

Any updates? Having the same problem.

RomkaLTU commented 2 years ago

No, just dumped it, too much time wasted, using JWT instead.

tnduc commented 2 years ago

Same problem, but I got it in production; before I deployed, the same project didn't get this error.

bat-elazrad commented 2 years ago

I had this problem in the tests, eventually I get the sol.

RomkaLTU commented 2 years ago

Thanks, @bat-elazrad, very helpful.

marijnhurkens commented 2 years ago

Same issue here, the token I get on production is prepended with a 0 instead of the token id. This is the sanctum code to create a token:

    public function createToken(string $name, array $abilities = ['*'])
    {
        $token = $this->tokens()->create([
            'name' => $name,
            'token' => hash('sha256', $plainTextToken = Str::random(40)),
            'abilities' => $abilities,
        ]);

        return new NewAccessToken($token, $token->getKey().'|'.$plainTextToken);
    }

On my local I get 1234|mytokenhere, on production 0|mytokenhere, which results in an unauthorized error. It seems that $token->getKey() returns 0, which is strange. Do the other people in this thread also have this same issue?
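Why a `0|...` prefix ends in "Unauthenticated.", shown as an added example that is not code from this thread or from the Sanctum repository: it models the lookup as "split on `|`, load the row by id, compare SHA-256 hashes", which is a simplified assumption about the guard. The in-memory table, the function names `issueToken`, `findToken` and `prefixIsUsable`, and all ids and secrets are constructed for illustration.

```php
<?php
// Added illustration. $table stands in for the personal_access_tokens table;
// every id and secret below is a constructed sample value.

/** Store only the SHA-256 hash, as createToken() above does, and build "key|secret". */
function issueToken(array &$table, int $storedId, int $reportedKey, string $plain): string
{
    $table[$storedId] = ['id' => $storedId, 'token' => hash('sha256', $plain)];
    // $reportedKey plays the role of $token->getKey(); normally it equals $storedId.
    return $reportedKey . '|' . $plain;
}

/** Assumed lookup model: row by id prefix, then constant-time hash comparison. */
function findToken(array $table, string $bearer): ?array
{
    if (strpos($bearer, '|') === false) {
        // No id prefix: search by hash instead.
        foreach ($table as $row) {
            if (hash_equals($row['token'], hash('sha256', $bearer))) {
                return $row;
            }
        }
        return null;
    }
    [$id, $secret] = explode('|', $bearer, 2);
    $row = $table[$id] ?? null; // id 0 matches no stored row
    return ($row !== null && hash_equals($row['token'], hash('sha256', $secret))) ? $row : null;
}

/** Check to run before handing a token to the client: prefix must be a positive integer. */
function prefixIsUsable(string $bearer): bool
{
    $prefix = explode('|', $bearer, 2)[0];
    return ctype_digit($prefix) && (int) $prefix > 0;
}

$table = [];
$tokens = [
    'local'      => issueToken($table, 1234, 1234, 'constructed-secret-A'),
    'production' => issueToken($table, 1235, 0, 'constructed-secret-B'), // getKey() returned 0
];

foreach ($tokens as $env => $bearer) {
    printf("%-10s %-26s prefix_ok=%-5s authenticated=%s\n", $env, $bearer,
        var_export(prefixIsUsable($bearer), true),
        var_export(findToken($table, $bearer) !== null, true));
}
```

The production row is stored with a valid hash, so the secret itself is fine; only the id prefix handed to the client is wrong, which is why checking the prefix at issuance catches the problem before any request fails.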

marijnhurkens commented 2 years ago

Also @driesvints I really don't get why you immediately close all issues in this project. This seems to happen on other Laravel projects as well and frankly, it creates a bad vibe. Some issues here are possible bugs (maybe not within this project but figuring this out is super helpful for future reference), and immediately closing them without gathering extra information or letting other people interact feels kinda pointless...

marijnhurkens commented 2 years ago

It seems like we're hit by this bug in Telescope: https://github.com/laravel/telescope/issues/289

@RomkaLTU if you're still having this issue, check there.