Laravel Passport Consuming own API with Axios 401 Unauthenticated

1
votes

i can't seem to consume my own Laravel API with Axios, i have tried almost all solutions i came across can someone please help me out,

i have properly:

  1. Installed.
  2. Registered passport service provider.
  3. Migrated and generated passport keys.
  4. Added HasApiTokens trait into my user model.
  5. Added Passport::routes() into AuthServiceProvider.php.
  6. Change my config\auth.php.
  7. Added \Laravel\Passport\Http\Middleware\CreateFreshApiToken::class into last place my web middleware group. as per the laravel documentation for consuming own api with javascript.

i have tested it with Axios inside vue components in a web browser normal web login. and through postman: api-login, using the returned token to make api call it works on my development machine. But on my production server(Shared Hosting) it keeps returning "Unauthorized" in web browser using web login and using Axios within vue component, and API call in postman returns "Unauthorized" too after login i get a token with i use in making the Postman call.

i checked the request headers are sent too:

  1. x-csrf-token
  2. x-xsrf-token
  3. and also included in the cookie header
1
phplaravelaxioslaravel-passport

1 Answers

0
votes

Please, ensure the following things as you are running laravel on shared hosting.

  1. Check your root URL set properly with a public folder or You have moved the files of the public folder into the root.
  2. Most importantly check you have .env file & all the files & folders have the proper permissions.
  3. Also, check all the PHP modules (laravel requirements) that are loaded properly with the proper PHP version.
  4. If above steps are correct, then the problem might be your shared server using fcgi rather than regular PHP module. Hence, HTTP_AUTHORIZATION failing there. You can add following codes into the .htaccess file RewriteEngine On RewriteCond %{HTTP:Authorization} ^(.+)$ RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}] that should do HTTP_AUTHORIZATION & solve the problem.

I hope these fix your problem.