Last active
April 29, 2021 02:31
-
-
Save jbnv/e0663fe817297e397d6aa5765221f370 to your computer and use it in GitHub Desktop.
Debugging 401 Unauthorized on Laravel web/auth route
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| class Authenticate extends \Illuminate\Auth\Middleware\Authenticate | |
| { | |
| protected function redirectTo($request) | |
| { | |
| if (! $request->expectsJson()) { | |
| return route('login'); | |
| } | |
| } | |
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| const csrfToken = document.head.querySelector('meta[name="csrf-token"]'); | |
| if (csrfToken) { | |
| result = csrfToken.content | |
| if (!result) console.error('CSRF token is empty. Session has expired.'); | |
| } else { | |
| console.error('CSRF token not found.'); | |
| result = null | |
| } | |
| export default result; |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import bytesToSize from '@netshapers/resources/js/util/bytesToSize'; | |
| import Dropzone from 'dropzone'; | |
| import csrfToken from '@netshapers/resources/js/util/csrf'; | |
| export default { | |
| props: { | |
| id: Number, // directory id | |
| items: Array | |
| }, | |
| data() { | |
| return { | |
| fields: [ | |
| { | |
| key: 'title', | |
| sortable: true | |
| }, | |
| { | |
| key: 'name', | |
| sortable: true | |
| }, | |
| { | |
| key: 'size', | |
| sortable: true, | |
| formatter: bytesToSize | |
| }, | |
| { | |
| key: 'created-at', | |
| sortable: true, | |
| label: 'Date' | |
| }, | |
| { | |
| key: 'actions', | |
| label: '', | |
| headerTitle: 'Actions', | |
| sortable: false | |
| }, | |
| ], | |
| } | |
| }, | |
| methods: { | |
| totalSize() { | |
| return bytesToSize(this.items.reduce( | |
| (accumulator,item) => accumulator + item.size | |
| , 0)); | |
| }, | |
| removeIncomingItems() { | |
| for (let x in items) { | |
| if (items.incoming) delete items[x]; | |
| } | |
| this.dragging = false; | |
| }, | |
| }, | |
| mounted() { | |
| const vm = this; | |
| const id = this.id; | |
| this.dropzone = new Dropzone(document.body, { // Make the whole body a dropzone | |
| url: "/directories/"+id+'/upload', // Set the url | |
| clickable: "#add-file", // Define the element that should be used as click trigger to select files. | |
| previewTemplate: "<tr class=\"dz-preview dz-file-preview\"><td></td><td class=\"dz-filename\"><span data-dz-name></span></td class=\"dz-size\" data-dz-size><td></td><td>Now</td><td></td></tr>", | |
| headers: { | |
| 'X-CSRF-TOKEN': csrfToken, | |
| 'X-Requested-With': 'XMLHttpRequest', | |
| //'Authorization': 'Bearer '+csrfToken | |
| }, | |
| }); | |
| this.dropzone.on('success', file => { | |
| vm.$emit('dropzone-success', file, vm.dropzone.element); | |
| }); | |
| this.dropzone.on('addedfile', file => { | |
| vm.$emit('dropzone-fileAdded', file); | |
| }); | |
| this.dropzone.on('removedfile', file => { | |
| vm.$emit('dropzone-removedFile', file); | |
| }); | |
| this.dropzone.on('error', (file, error, xhr) => { | |
| vm.$emit('dropzone-error', file, error, xhr); | |
| }); | |
| this.dropzone.on('successmultiple', (file, error, xhr) => { | |
| vm.$emit('dropzone-successmultiple', file, error, xhr); | |
| }); | |
| } | |
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| class Kernel extends \Illuminate\Foundation\Http\Kernel | |
| { | |
| protected $middleware = [ | |
| \App\Http\Middleware\TrustProxies::class, | |
| \App\Http\Middleware\CheckForMaintenanceMode::class, | |
| \Illuminate\Foundation\Http\Middleware\ValidatePostSize::class, | |
| \App\Http\Middleware\TrimStrings::class, | |
| \Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull::class, | |
| ]; | |
| protected $middlewareGroups = [ | |
| 'web' => [ | |
| \App\Http\Middleware\EncryptCookies::class, | |
| \Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class, | |
| \Illuminate\Session\Middleware\StartSession::class, | |
| // \Illuminate\Session\Middleware\AuthenticateSession::class, | |
| \Illuminate\View\Middleware\ShareErrorsFromSession::class, | |
| \App\Http\Middleware\VerifyCsrfToken::class, | |
| \Illuminate\Routing\Middleware\SubstituteBindings::class, | |
| ], | |
| 'api' => [ | |
| 'throttle:60,1', | |
| 'bindings', | |
| ], | |
| ]; | |
| protected $routeMiddleware = [ | |
| 'auth' => \App\Http\Middleware\Authenticate::class, | |
| 'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class, | |
| 'bindings' => \Illuminate\Routing\Middleware\SubstituteBindings::class, | |
| 'cache.headers' => \Illuminate\Http\Middleware\SetCacheHeaders::class, | |
| 'can' => \Illuminate\Auth\Middleware\Authorize::class, | |
| 'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class, | |
| 'signed' => \Illuminate\Routing\Middleware\ValidateSignature::class, | |
| 'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class, | |
| 'verified' => \Illuminate\Auth\Middleware\EnsureEmailIsVerified::class, | |
| ]; | |
| protected $middlewarePriority = [ | |
| \Illuminate\Session\Middleware\StartSession::class, | |
| \Illuminate\View\Middleware\ShareErrorsFromSession::class, | |
| \App\Http\Middleware\Authenticate::class, | |
| \Illuminate\Session\Middleware\AuthenticateSession::class, | |
| \Illuminate\Routing\Middleware\SubstituteBindings::class, | |
| \Illuminate\Auth\Middleware\Authorize::class, | |
| ]; | |
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Route::middleware('auth:web') | |
| ->group(function() { | |
| Route::post('/directories/{id}/upload','DirectoryController@upload')->name('directories.upload'); | |
| }); |
Author
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Laravel calls \Illuminate\Auth\Middleware\Authenticate::authenticate with no guards. With no guards, it throws an AuthenticationException.
artisan route:listconfirms that thedirectories.uploadroute has theauthandwebmiddlewares, but maybe Laravel isn't including them?