Framework: auth:api not working - Redirecting to login page in Postman
I have an Laravel app wherein, my routes file looks like below, but whenever I send a Postman request to store.customer.complaint, I am redirected to the login route rather than sending an unauthorized response :
Route::get('/login', function () {
return 'Login';
});
Route::group(['prefix' => 'api/v1'], function () {
Route::group(['prefix' => 'customer'], function () {
Route::post('register', ['as' => 'register.customer', 'uses' => 'Api\Customer\CustomerController@store']);
Route::post('login', ['as' => 'login.customer', 'uses' => 'Api\Customer\CustomerController@login']);
Route::group(['middleware' => 'auth:api'], function () {
Route::post('complaint', [
'as' => 'store.customer.complaint',
'uses' => 'Api\Customer\ComplaintController@store',
]);
});
});
});
Postman Screenshot
viraj-khatavkar
All 16 comments
My suggestion would be to create a duplicate of auth:api middleware, and modify it accordingly to give the response you want.
srmklive
on 26 Apr 2016
Send Accept: application/jsonwith Postman
rkgrep
on 26 Apr 2016
If you see I am giving a application/json in raw body
Viraj Khatavkar
On Apr 26, 2016 12:20 PM, "Roman Kinyakin" [email protected] wrote:
Send Accept: application/jsonwith Postman
—
You are receiving this because you authored the thread.
Reply to this email directly or view it on GitHub
https://github.com/laravel/framework/issues/13311#issuecomment-214636575
viraj-khatavkar
on 26 Apr 2016
Ok. I see now. It is not provided in Laravel. You need to modify the middleware and add $request->wantsJson() condition manually.
rkgrep
on 26 Apr 2016
It is already there in Authenticate.php
Viraj Khatavkar
On Apr 26, 2016 1:05 PM, "Roman Kinyakin" [email protected] wrote:
Ok. I see now. It is not provided in Laravel. You need to modify the
middleware and add $request->wantsJson() condition manually.—
You are receiving this because you authored the thread.
Reply to this email directly or view it on GitHub
https://github.com/laravel/framework/issues/13311#issuecomment-214654553
viraj-khatavkar
on 26 Apr 2016
Why is it closed, I am not able to solve it yet.
Viraj Khatavkar
On Apr 26, 2016 1:11 PM, "Graham Campbell" [email protected] wrote:
Closed #13311 https://github.com/laravel/framework/issues/13311.
—
You are receiving this because you authored the thread.
Reply to this email directly or view it on GitHub
https://github.com/laravel/framework/issues/13311#event-641097583
viraj-khatavkar
on 26 Apr 2016
If you see I am giving a application/json in raw body
I just realized, it is not Accept, but Content-type header, you nee to add Accept anyway
rkgrep
on 26 Apr 2016
Why is it closed, I am not able to solve it yet.
With respect, this is not a laravel bug, thus we're closing it. Our GitHub is not a support forum.
GrahamCampbell
on 26 Apr 2016
Sure, not an issue :)
Viraj Khatavkar
On Apr 26, 2016 1:49 PM, "Graham Campbell" [email protected] wrote:
Why is it closed, I am not able to solve it yet.
With respect, this is not a laravel bug, thus we're closing it. Our GitHub
is not a support forum.—
You are receiving this because you authored the thread.
Reply to this email directly or view it on GitHub
https://github.com/laravel/framework/issues/13311#issuecomment-214664637
viraj-khatavkar
on 26 Apr 2016
@rkgrep Yes, you were correct, I sent an Accept header, it worked. Thanks for the tip :)
@GrahamCampbell Sorry for the trouble as it was my mistake
viraj-khatavkar
on 26 Apr 2016
I personally for convenience use ForceJson middleware for all api routes:
class ForceJson
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
// Force Json accept type
if (! Str::contains($request->header('accept'), ['/json', '+json'])) {
$request->headers->set('accept', 'application/json,' . $request->header('accept'));
}
return $next($request);
}
}
vedmant
on 28 May 2019
@vedmant that is such a good idea, should get this merged into the main framework.
robertmylne
on 5 Jul 2019
@GrahamCampbell Say this is not a bug?! This little presumption in code bugged me an hour to find and I now have to find a way to gracefully shut it up.
Why am I forced to accept to redirect to 'login' even if I don't, and explicitly said so in the RedirectTo function? Worst of all, in the process of raising an exception, The Exceptions are meant for the programmer to catch and figure out what's what. I am working on a REST API, but not all users gonna be respectful and send Accept and my API is not going to send them only JSON.
khooz
on 20 Oct 2019
Laravel shoud separate API layer from View layer. Its is very confusing. I cant consume default behaviour becouse i am creating Laravel API and i dont have any Views
nerwowy
on 6 Feb 2020
We really need a clear separation between API usage and normal usage. I've lost a few hours today trying to figure out why Laravel reacts so wrong to my requests. As @khooz said, why am I abusively redirected to login when I use it as an API? Lumen is not a solution. I need functionalities from Laravel for my needs.
auth:api is a joke.
prodaniucpavel
on 26 Sep 2020
We really need a clear separation between API usage and normal usage. I've lost a few hours today trying to figure out why Laravel reacts so wrong to my requests. As @khooz said, why am I abusively redirected to login when I use it as an API? Lumen is not a solution. I need functionalities from Laravel for my needs.
auth:api is a joke.
So you don't review a default implementation, and just start developing your api. You can also implement your own login functionality by overriding the default one. How is that so difficult? If you don't review something, how come its a bug with framework,
srmklive
on 27 Sep 2020
Related issues
digirew
·
3Comments
RomainSauvaire
·
3Comments
CupOfTea696
·
3Comments
klimentLambevski
·
3Comments
kerbylav
·
3Comments
Most helpful comment
Send
Accept: application/jsonwith Postman