I have Laravel Sanctum set up for API and Web routes.
My guarded Web routes are defined like so:

    Route::get('/my-account', [UserController::class, 'getMyAccount'])
        ->middleware('auth:sanctum');

As for how I'm storing the token, on login and register requests, I saw online somewhere to return the token as an HTTP cookie like so:
UserController.php

    public function create(CreateUserRequest $request): JsonResponse
    {
        // The userService->create() code works and has been tested.
        // It creates a user and Sanctum token, and returns them.
        // No need to show it, as it's not part of the issue and it just gets convoluted.
        $response = $this->userService->create($request->validated());

        // Cookie named BEARER-TOKEN holding the token, with a lifetime of 60 minutes.
        $cookie = cookie('BEARER-TOKEN', $response['token'], 60);

        return response()
            ->json($response)
            ->cookie($cookie);
    }

Here's the API route for that function:

    Route::post('/user', [UserController::class, 'create']);

Though when I try to access /my-account after creating it, Sanctum fails validation and redirects me to my login route.
Am I doing something wrong?