[英]Laravel Sanctum Token API Authentication Not Working in Postman
I am trying to utilize Sanctum for an API only application.我正在尝试将 Sanctum 用于仅 API 的应用程序。 I am not using it for a SPA.我没有将它用于 SPA。 I have a single end point set up and protected by the Sanctum middleware.我有一个由 Sanctum 中间件设置和保护的单一端点。 I am creating a user and a token for said user through the tinker cli tool.我正在通过 tinker cli 工具为所述用户创建一个用户和一个令牌。 I then paste the token into Postman under the bearer token selection within the authorization tab.然后,我将令牌粘贴到授权选项卡中不记名令牌选择下的 Postman 中。 However, when I submit the request I get an unauthenticated error.但是,当我提交请求时,出现未经身份验证的错误。 Not quite sure what I am doing incorrect here.不太确定我在这里做错了什么。 Followed the documentation provided very closely as well as the sparse videos I could find.密切关注提供的文档以及我能找到的稀疏视频。 Here are some code snippets.下面是一些代码片段。 I appreciate the insight here.我很欣赏这里的洞察力。
API.php API.php
Route::middleware('auth:sanctum')->apiResource('/documents','DocumentHandlerController');
Middleware/Authenticate.php中间件/Authenticate.php
class Authenticate extends Middleware
{
/**
* Return 401 when not authorized
*
* @param \Illuminate\Http\Request $request
* @return string|null
*/
public function handle($request)
{
return response()->json(
['message'=>'Unauthorized']
,Response::HTTP_UNAUTHORIZED
);
}
}
Function from my controller Function 来自我的 controller
public function index()
{
return response()->json(['Success'],Response::HTTP_OK);
}
Faced with the same problem.面临同样的问题。 After some investigation it seems the problem happens there: https://github.com/laravel/sanctum/commit/f5695aecc547138c76bc66aaede73ba549dabdc5经过一番调查,问题似乎发生在那里: https://github.com/laravel/sanctum/commit/f5695aecc547138c76bc66aaede73ba549dabdc5
During the refactoring they forgot to include default guard definition.在重构期间,他们忘记了包含默认保护定义。
Just add this at the end of config/sanctum.php for api guard:只需在 config/sanctum.php 的末尾添加 api 防护:
'guard' => 'api'
I killed full day when trying to solve this problem.试图解决这个问题时,我整天都在杀人。 In my case, the problem was in the Apache config.就我而言,问题出在 Apache 配置中。 I hope this helps you.我希望这可以帮助你。
RewriteCond %{HTTP:Authorization} ^(.+)$
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
I had a similar issue where I got the response {"message":"Unauthenticated."}
.我有一个类似的问题,我得到了响应{"message":"Unauthenticated."}
。
For me it was because in my .env
file, my APP_URL was https://www.example.com
and I was trying to access the API via the URL https://example.com
. For me it was because in my .env
file, my APP_URL was https://www.example.com
and I was trying to access the API via the URL https://example.com
.
When I changed the URL that made the API call to https://www.example.com
it was working.当我更改 URL 时,它使 API 调用https://www.example.com
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.