Getting "401" Unauthorized error in Laravel 7
Question
Any request with auth:airlock middleware is not being authenticated! I am getting 401 error..
I am doing as per the documentation, first a get request to airlock/csrf-cookie and then the other requests..
Domain and Subdomains are fine! There is no cors error either..
My cors.php file:
return [
'paths' => ['api/*', '/login', '/logout', 'airlock/csrf-cookie'],
'allowed_methods' => ['*'],
'allowed_origins' => ['*'],
'allowed_origins_patterns' => [],
'allowed_headers' => ['*'],
'exposed_headers' => false,
'max_age' => false,
'supports_credentials' => true,
];
Example api request:
Route::middleware('auth:airlock')->get('/demoitems', 'Api\ItemsController@index');
In the client side in axios, i am setting:
withCredentials: true
After the login request, cookies and laravel sessions are stored correctly in the Cookies section in application, Chrome!
But Any request with the airlock middleware is marked as unauthorized..
Here is the airlock.php
return [
'stateful' => explode(',', env('AIRLOCK_STATEFUL_DOMAINS', 'localhost')),
'expiration' => null,
'middleware' => [
'verify_csrf_token' => App\Http\Middleware\VerifyCsrfToken::class,
],
];
The domain is added in the AIRLOCK_STATEFUL_DOMAIN in .ENV file.
The authentication driver in API is "token"..
1 answers
solution1
1 2020-03-16 11:42:51
I was the same issue. I put Http with my domain.
AIRLOCK_STATEFUL_DOMAINS=domain.com
Don't use Http or https. that solves my issue.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.