Closed mkgy closed 2 months ago
Hey @mkgy! Yes, it is indeed set by default, but you can configure all these endpoints, please read the documentation for the package, you can find the link in the readme or in the description of the repo or directly go to configuration page. Method POST is used for submitting credentials while GET is used for authenticated user retrieval, in your case it will be:
endpoints.login
is Route::post('login', [UserController::class, 'login'])
from you routes/api.php
endpoints.user
is Route::get('me', [UserController::class, 'me'])->middleware('auth:sanctum')
from your routes/api.php
If your routes are properly configured, then it should be accessible as domain/api/login
and domain/api/me
, use these URLs in the sanctum
section in your nuxt.config.ts
.
Hi@manchenkoff, thanks for the quick response. I just added some screenshots to display my errors. I have implemented your suggestions. Yet the problem exists.
Hope you can help further
@mkgy thanks for more details, but now I see that you have 401 response which means that there are no problems with routes and methods anymore. Package behavior is correct, yet there might be 2 reasons for 401:
Can you double-check that /api/me
request contains necessary cookies like XSRF-TOKEN
? Also, please remove SESSION_DOMAIN
from your .env
file for Laravel, it doesn't work with localhost
/api/me does indeed contain the necessary cookies as it can be seen in the following screenshot:
My Laravel CORS settings are as follows:
By the way my sanctum.php looks like this:
I do get a token from backend though
@mkgy
Your sanctum.php
middleware should look like this in order to authenticate user via Cookie, token-based auth is not supported
'middleware' => [
'authenticate_session' => Laravel\Sanctum\Http\Middleware\AuthenticateSession::class,
'encrypt_cookies' => Illuminate\Cookie\Middleware\EncryptCookies::class,
'validate_csrf_token' => Illuminate\Foundation\Http\Middleware\ValidateCsrfToken::class,
],
no success unfortuntely.
@mkgy I would suggest you to debug Laravel side in order to check which middleware is failing, unfortunately, since you posted a screenshot where both sides work with cookies properly, I cannot check what is wrong w/o accessing API codebase, I assume that session-related middleware is not working properly or not getting cookie value or even not associating it with user properly.
It might be also the problem in Hydra code, since it may use custom code which is not supported by default Laravel Sanctum package. You should also check how the session is generated when you log into the account.
ok, i understand. Thank you very much for your quick response and time. It seems from your package's side everything is working as it suppose to. By the way, I am given a hint in the following link: https://laracasts.com/discuss/channels/laravel/authenticate-user-using-cookie-laravel-sanctum. That hint combined with your previous suggestion on the middleware seems to be a possible solution to my problem. Again much thanks for your effort.
Describe the bug After submit I receive the following error-message: Error - FetchError: [GET] "http://localhost:8000/api/login": 405 Method Not Allowed ERROR Unable to load user identity [GET] "http://localhost:8000/api/user": 404 Not Found
I undertstand this message since on my backend (Laravel) the resource-endpoint is reachable via POST-method
To Reproduce
Expected behavior Expecting to fetch user data via POST-method
Screenshots![image](https://github.com/manchenkoff/nuxt-auth-sanctum/assets/64076713/d6270815-0f63-4915-b0e4-3104d0d96973)
Module information
Nuxt environment:
Laravel environment: I am using the following repository:
https://github.com/hasinhayder/hydra
config/cors.php
Additional context Also it took me a while to get to the current HTTP-method error. It seems somewhere in the your code the endpoint " api/user" is set by default. I needed to edit line 32 in src/runtime/composables/useSanctumAuth.ts. from :
user.value = await client(options.endpoints.user); to
user.value = await client(options.endpoints.login);
to get the following URL: http://localhost:8000/api/user