php - Laravel passport returning Unauthenticated in production but works on localhost
问题描述
I have a laravel project that works very well on an X server and put that same project (same code) on another Y server, to my surprise the authenticated routes didn't work, I always get the unauthenticated error, why does this happen?
{
"message":"Unauthenticated.",
"success":false,
"status_code":500
}
I used the commands: - php artisan passport: install - php artisan config: cache - php artisan cache: clear - php artisan key: generate
And yet I still get the unauthenticated error, the token is being passed correctly by the front end, it's a bearer token, this token is generated when the user logs in using the createToken ('myApi') -> accessToken method
public function login(AuthLoginRequest $request)
{
$user = User::with('role')->where(['email' => $request->email])->get()->first();
if(!$user){
abort(404, 'userNotFound');
}
if(!password_verify($request->password, $user->password)){
abort(401, 'invalidCredentials');
}
$token = $user->createToken('MyApiToken')->accessToken;
Access::customCreate($request->all(), $user);
$response = [
'id' => $user->id,
'name' => $user->name,
'email' => $user->email,
'profile_image' => $user->profile_image,
'token' => $token,
'old_password_changed' => $user->old_password_changed
];
return response()->json($response, 200);
}
The login code works perfectly, it returns me the Bearer token, but after sending any request with this token I get the Unauthenticated error. Where am i going wrong? Since the same code works on another server.
解决方案
我有一个解决方案。
出了什么问题?
出于某种原因,Apache 服务器的模块忽略了 Authorization 标头,说它是为了安全(我不怀疑)。
我是怎么解决的?
我只是在 Apache 设置中禁用了以下模块:
- mod_cgid
- mod_fcgid
- mod_proxy_scgi
在 httpd.conf 文件中我添加了这一行(Linux/CentOS 7.6):
SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1