2

I have been working with Laravel since version 5.X up to version 8.X but always use it for backend API (never used blade template), and always pair it with VueJS on the front-end using JWT authentication (also never messed with any other authentication method).

Now with Laravel 9 and Vue 3, Im trying to use native Laravel Jetstream that uses SANCTUM and Vue+Inertia JS, and I'm quite lost with the authentication process. with JWT method, once the user succesfully login on the browser, all api request to Laravel will be authenticated using Authoraziation header. but this seems a different case with Sanctum.

After deploying and installing Jetstream and completed all the set-up. I created a user and loggedin with that user details. and I notice few things, there is a default API route

Route::middleware('auth:sanctum')->get('/user', function (Request $request) {
    return $request->user();
});

when I tried to directly access my.domain/api/user I notice it was redirected to GET /login

then redirected again to GET /dashboard

I then created a test api route using below

Route::get('test', function( Request $req) {
    dd( [
        'test' => $req->all(),
        'user' => auth()->user(),
        'request' => $req
    ] );
});

and I notice this request is not authenticated even when the cookies is present on the request as Im when I'm alraedy logged-in on the same browser, the auth()->user() is null.

I tried adding auth:sanctum middleware

Route::middleware('auth:sanctum')->get('test', function( Request $req) {
    dd( [
        'test' => $req->all(),
        'user' => auth()->user(),
        'request' => $req
    ] );
});

but having sanctum middle behave the same as the api/user where if i open api/test directly on the browser, it gets redirected to GET /login then redirected again to GET /dashboard and I'm quite lost at this point. I tried reading the docs and it says I have to do a separate authentication for this that would issue an API token and I was thinking I might better be going back with using JWT auth as it seems a lot easier to deal with.

So my question is; How can I authenticate an API end-point without having to redirect it to /login then /dashboard if the user is already logged in on my application using default sanctum authentication.

My goal is just to simply create /api/test that will be automatically authenticated if user already loggedin on the same browser and return the data I set on its return value and not doing any redirects.

Appreciate any help

SymmetricsWeb
  • 586
  • 6
  • 20

2 Answers2

0

I have got the same issue with laravel8 Jetstream and inertia vue3.

Am looking for the solution since 3 days posting messages on discord, searching on YouTube and more but nothing.

When i make an api call from your SPA to laravel, i got UNAUTHENTICATED response.

s17
  • 71
  • 5
0

on postman you need put

headers Accept = application/json

this tells your application know how works with Json and go stop redirect to "Login"

Kaoos
  • 1
  • 1