Laravel sanctum works in localhost, but returns 401 unauthenticated in live server

Question

This is my 3rd post in a row on this issue, unfortunately I am not getting proper answer. I am developing an authentication system using laravel-sanctum in a laravel-vuejs app. The laravel-sanctum works fine (return user info from "/api/user" api) in the localhost. But when I am deploying in a live server, it returns 401 (unauthenicated) error.

my .env

APP_NAME=Laravel
APP_ENV=local
APP_KEY=base64:WvNeYkRnJbXNcttmiAKe1blplUslHWIsRQpvnPt0mxA=
APP_DEBUG=true
APP_URL=https://subdomain.domain.com/


DB_CONNECTION=mysql
DB_HOST=127.0.0.1

SESSION_DRIVER=cookie
SESSION_LIFETIME=120
SESSION_DOMAIN=subdomain.domain.com
SESSION_SECURE_COOKIE=false
SANCTUM_STATIC_DOMAIN=subdomain.domain.com

My sanctum.php

'stateful' => explode(',', env('SANCTUM_STATEFUL_DOMAINS', 'subdomain.domain.com')),

'guard' => ['api'],

cors.php

'supports_credentials' => true,

auth.php

'defaults' => [
    'guard' => 'api',
    'passwords' => 'users',
],

'guards' => [
    'api' => [
        'driver' => 'session',
        'provider' => 'users',
    ],
],

From bootstrap.js

window.axios = require('axios');

window.axios.defaults.headers.common['X-Requested-With'] = 
'XMLHttpRequest';

axios.defaults.withCredentials = true

Code from component (script)

mounted() {
    axios.defaults.headers.common["Authorization"] = `Bearer ${this.token}`;
    axios.get('/api/user').then(response => {
        this.userInfo = response.data
    })
}

I am not sure whether I properly configured auth middleware or not though — K.S. Azim, May 15 '22 at 06:18
I'm not fully understand your app but can you try with my answer below if it might helps. — Hai Tien, May 15 '22 at 06:30
I never used the first line of your mounted method before, and never faced the same issue you have. It might be the problem. Second, I think your stateful domain should contain https:// part too. — Bulent, May 15 '22 at 06:33
@Bulent It's used for token authentication each time request sends — K.S. Azim, May 15 '22 at 07:15
You don't need attach the token each time. It's handled by withCredentials settings. — Bulent, May 15 '22 at 09:41
Do you really need the sanctum token configuration? Because cookie config is much simpler to do an have less problems. I recommend you to use it if your app is not going to be used with native apps, just from browser. — Guille, May 16 '22 at 00:27
@Guille that does not work either brother, I have some core issue in my sanctum/middleware config I guess — K.S. Azim, May 16 '22 at 05:06

score 0 · Answer 1 · answered May 15 '22 at 06:29

0

I think you should define home url in the blade page you use vue app like this.

<script>
      window.home = "<?php echo your-host-url ?>";
</script>

To make sure the API route is correct you add:

axios.get(window.home + '/api/user').then(response => {
    this.userInfo = response.data
})

answered May 15 '22 at 06:29

Hai Tien

2,929
7
36
55

does not work brother – K.S. Azim May 15 '22 at 07:15

score -1 · Answer 2 · answered Feb 17 '23 at 17:52

-1

The solution is adding this to .htaccess of root folder (not only inside the public folder)

# Handle Authorization Header
RewriteCond %{HTTP:Authorization} .
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]

answered Feb 17 '23 at 17:52

Subrata Mondal

822
7
17

Laravel sanctum works in localhost, but returns 401 unauthenticated in live server

2 Answers2