Laravel Sanctum 令牌 API 身份验证在 Postman 中不起作用
[英]Laravel Sanctum Token API Authentication Not Working in Postman
问题描述
I am trying to utilize Sanctum for an API only application.
我正在尝试将 Sanctum 用于仅 API 的应用程序。 I am not using it for a SPA.我没有将它用于 SPA。 I have a single end point set up and protected by the Sanctum middleware.我有一个由 Sanctum 中间件设置和保护的单一端点。 I am creating a user and a token for said user through the tinker cli tool.我正在通过 tinker cli 工具为所述用户创建一个用户和一个令牌。 I then paste the token into Postman under the bearer token selection within the authorization tab.然后,我将令牌粘贴到授权选项卡中不记名令牌选择下的 Postman 中。 However, when I submit the request I get an unauthenticated error.但是,当我提交请求时,出现未经身份验证的错误。 Not quite sure what I am doing incorrect here.不太确定我在这里做错了什么。 Followed the documentation provided very closely as well as the sparse videos I could find.密切关注提供的文档以及我能找到的稀疏视频。 Here are some code snippets.下面是一些代码片段。 I appreciate the insight here.我很欣赏这里的洞察力。
API.php API.php
Route::middleware('auth:sanctum')->apiResource('/documents','DocumentHandlerController');
Middleware/Authenticate.php中间件/Authenticate.php
class Authenticate extends Middleware
{
/**
* Return 401 when not authorized
*
* @param \Illuminate\Http\Request $request
* @return string|null
*/
public function handle($request)
{
return response()->json(
['message'=>'Unauthorized']
,Response::HTTP_UNAUTHORIZED
);
}
}
Function from my controller Function 来自我的 controller
public function index()
{
return response()->json(['Success'],Response::HTTP_OK);
}
5 个解决方案
解决方案1
1 2021-04-12 08:50:25
Faced with the same problem.面临同样的问题。 After some investigation it seems the problem happens there: https://github.com/laravel/sanctum/commit/f5695aecc547138c76bc66aaede73ba549dabdc5经过一番调查,问题似乎发生在那里: https://github.com/laravel/sanctum/commit/f5695aecc547138c76bc66aaede73ba549dabdc5
During the refactoring they forgot to include default guard definition.在重构期间,他们忘记了包含默认保护定义。
Just add this at the end of config/sanctum.php for api guard:只需在 config/sanctum.php 的末尾添加 api 防护:
'guard' => 'api'
解决方案2
1 2021-08-12 12:50:33
I faced the same Issue but I solved it by add to headers: Accept with value application/json .我遇到了同样的问题,但我通过添加到标题解决了它: Accept with value application/json 。
That's the best solution I found maybe others have another solution.这是我发现的最好的解决方案,也许其他人有另一种解决方案。
解决方案3
1 2022-02-10 20:13:27
I killed full day when trying to solve this problem.试图解决这个问题时,我整天都在杀人。 In my case, the problem was in the Apache config.就我而言,问题出在 Apache 配置中。 I hope this helps you.我希望这可以帮助你。
RewriteCond %{HTTP:Authorization} ^(.+)$
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
解决方案4
0 2021-04-09 07:33:39
解决方案5
0 2021-12-15 21:30:36
I had a similar issue where I got the response {"message":"Unauthenticated."} .我有一个类似的问题,我得到了响应{"message":"Unauthenticated."} 。
For me it was because in my .env file, my APP_URL was https://www.example.com and I was trying to access the API via the URL https://example.com . For me it was because in my .env file, my APP_URL was https://www.example.com and I was trying to access the API via the URL https://example.com .
When I changed the URL that made the API call to https://www.example.com it was working.当我更改 URL 时,它使 API 调用https://www.example.com
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.