framework: auth:api not working - Redirecting to login page in Postman

I have an Laravel app wherein, my routes file looks like below, but whenever I send a Postman request to store.customer.complaint, I am redirected to the login route rather than sending an unauthorized response :

Route::get('/login', function () {
    return 'Login';
});

Route::group(['prefix' => 'api/v1'], function () {

    Route::group(['prefix' => 'customer'], function () {

        Route::post('register', ['as' => 'register.customer', 'uses' => 'Api\Customer\CustomerController@store']);
        Route::post('login', ['as' => 'login.customer', 'uses' => 'Api\Customer\CustomerController@login']);

        Route::group(['middleware' => 'auth:api'], function () {

            Route::post('complaint', [
                'as'   => 'store.customer.complaint',
                'uses' => 'Api\Customer\ComplaintController@store',
            ]);

        });

    });

});

Postman Screenshot

screen shot 2016-04-26 at 9 45 00 am

About this issue

  • Original URL
  • State: closed
  • Created 8 years ago
  • Reactions: 2
  • Comments: 19 (3 by maintainers)

Most upvoted comments

Send Accept: application/jsonwith Postman

+320
rkgrep on Apr 26, 2016

I personally for convenience use ForceJson middleware for all api routes:

class ForceJson
{
    /**
     * Handle an incoming request.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @return mixed
     */
    public function handle($request, Closure $next)
    {
        // Force Json accept type
        if (! Str::contains($request->header('accept'), ['/json', '+json'])) {
            $request->headers->set('accept', 'application/json,' . $request->header('accept'));
        }

        return $next($request);
    }
}
+38
vedmant on May 28, 2019

Why is it closed, I am not able to solve it yet.

With respect, this is not a laravel bug, thus we’re closing it. Our GitHub is not a support forum.

+36
GrahamCampbell on Apr 26, 2016

Laravel shoud separate API layer from View layer. Its is very confusing. I cant consume default behaviour becouse i am creating Laravel API and i dont have any Views

+19
nerwowy on Feb 6, 2020

@GrahamCampbell Say this is not a bug?! This little presumption in code bugged me an hour to find and I now have to find a way to gracefully shut it up.

Why am I forced to accept to redirect to 'login' even if I don’t, and explicitly said so in the RedirectTo function? Worst of all, in the process of raising an exception, The Exceptions are meant for the programmer to catch and figure out what’s what. I am working on a REST API, but not all users gonna be respectful and send Accept and my API is not going to send them only JSON.

image

+14
khooz on Oct 20, 2019

Send Accept: application/jsonwith Postman

This what solved my problem after trying a lot of other ways.

+1
hasif5 on Mar 12, 2023

I found top answer here helpful: https://stackoverflow.com/questions/45015586/laravel-request-expectsjson/57758245

+1
AaronWeb on Mar 15, 2021

@rkgrep Yes, you were correct, I sent an Accept header, it worked. Thanks for the tip 😃

@GrahamCampbell Sorry for the trouble as it was my mistake

+1
viraj-khatavkar on Apr 26, 2016

If you see I am giving a application/json in raw body

I just realized, it is not Accept, but Content-type header, you nee to add Accept anyway

+1
rkgrep on Apr 26, 2016

Ok. I see now. It is not provided in Laravel. You need to modify the middleware and add $request->wantsJson() condition manually.

+1
rkgrep on Apr 26, 2016
Read more comments on GitHub
← framework: Artisan returning colorize(?) characters
framework: Auth::user always returning null →