Comments (7)
naveen1941
commented on May 12, 2024
5
Hey @driesvints, i've noticed a strange bug when writing unit tests for logout. My logout() method is the same as described above.
Test code => https://pastebin.com/LZ7wMgeg
Response i get:
{"message":"Call to undefined method Laravel\\Sanctum\\TransientToken::delete()","errors":null}Weird thing here is that route actually works when you call it from Postman/Application, but test fails. Maybe i am doing something wrong ?
I am also facing the same issue.
from sanctum.
Sporium
commented on May 12, 2024
3
In my case
{"message":"Call to undefined method Laravel\Sanctum\TransientToken::delete()","errors":null}
error was because of EnsureFrontendRequestsAreStateful::class in app/Http/Kernel.php 'api' section.
As i found out (hope Im not wrong) when you include EnsureFrontendRequestsAreStateful middware Laravel try to authenticate you using CSRF token not bearerToken. And because in
vendor/laravel/sanctum/src/Guard.php
this guard check is prior you create new TransientToken.
When you try to user()->currentAccessToken()->delete() it fails by trying to call delete() from TransientToken.
But if you want to delete bearer Token its in PersonalAccessToken
so you can PersonalAccessToken::findToken($request->bearerToken())->delete(); but this looks wrong:)
If you use Mobile Application Authentication you can simply remove EnsureFrontendRequestsAreStateful and this will fix problem.
If you want to use that middelware:
This issue can be fixed just moving this lines https://github.com/laravel/sanctum/blob/2.x/src/Guard.php#L54-L58
below this https://github.com/laravel/sanctum/blob/2.x/src/Guard.php#L60-L75
If this structure not critical that helps with this problem (or we need something to chose what token we want to use)
Also to revoke CSRF token use $request->session()->invalidate();
from sanctum.
Dzale
commented on May 12, 2024
2
Hey @driesvints, i've noticed a strange bug when writing unit tests for logout. My logout() method is the same as described above.
Test code => https://pastebin.com/LZ7wMgeg
Response i get:
{"message":"Call to undefined method Laravel\\Sanctum\\TransientToken::delete()","errors":null}
Weird thing here is that route actually works when you call it from Postman/Application, but test fails. Maybe i am doing something wrong ?
from sanctum.
icedevbug
commented on May 12, 2024
1
The Bearer prefix must be added to the Header Authorization
axios.defaults.headers.Authorization = "Bearer " + token;
from sanctum.
driesvints
commented on May 12, 2024
Heya, feel free to send in a PR if you want.
from sanctum.
jerearaujo03
commented on May 12, 2024
I'm getting the same
from sanctum.
masihfathi
commented on May 12, 2024
do you find any valid solution to this issue? i want use spa and http authentication with the same code but i got error in user()->currentAccessToken()->delete(),also i use EnsureFrontendRequestsAreStateful middleware
from sanctum.
Related Issues (20)
- Sanctum middleware stops running Laravel application HOT 1
- expires_at dont set a default value from config.sanctum.expiration HOT 1
- sanctum sets as default guard here \Illuminate\Auth\AuthManager::shouldUse and not resolved HOT 1
- Reason for sanctum X-XSRF-TOKEN mismatch code 419
- Custom bearer token format returns 404 after PR #417 HOT 1
- Optional Force JSON errors HOT 1
- Expiration is not working in HOT 5
- Token Expiration issue HOT 1
- Expiration config not working HOT 4
- Data truncated for column 'tokenable_id' HOT 5
- The AuthenticateSession middleware assumes that the user has a password HOT 2
- Support expiration by seconds HOT 1
- Guest middleware not working properly with Sanctum + Inertia (+ Vue) HOT 1
- Auth guard [sanctum] is not defined. HOT 1
- Direct links to API routes HOT 1
- Migration file conflicts HOT 1
- Standalone tokens (without user model / tokenable_type relationship) HOT 1
- Update from 2.x to 3.x - isValidBearerToken() - ctype_digit() HOT 1
- SPA authentication leads to '400: bad request error' HOT 1
- Update to Laravel 11 causes 401 issues when using stateful domains HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from sanctum.