API with laravel sanctum
Forum rules
Always add your Laravel, Aimeos and PHP version as well as your environment (Linux/Mac/Win)
Spam and unrelated posts will be removed immediately!
Always add your Laravel, Aimeos and PHP version as well as your environment (Linux/Mac/Win)
Spam and unrelated posts will be removed immediately!
-
DamanMokha
- Posts: 13
- Joined: 29 Mar 2023, 03:00
API with laravel sanctum
Hi, I'm using Laravel Sanctum. I added it as middleware in shop.php for the "jsonapi" route, but the issue is that it blocks all public access and asks for login for products, categories, etc. When I don't pass auth:sanctum as middleware, it doesn't treat the user as logged in. How can I use auth:sanctum so that the jsonapi route works fine for both logged-in and non-logged-in users?
Here is my composer show
Code: Select all
'routes' => [
// Docs: https://aimeos.org/docs/latest/laravel/extend/#custom-routes
// Multi-sites: https://aimeos.org/docs/latest/laravel/customize/#multiple-shops
'admin' => ['prefix' => 'admin', 'middleware' => ['web']],
'jqadm' => ['prefix' => 'admin/{site}/jqadm', 'middleware' => ['web', 'auth']],
'jsonadm' => ['prefix' => 'admin/{site}/jsonadm', 'middleware' => ['web', 'auth']],
'jsonapi' => ['prefix' => 'jsonapi', 'middleware' => ['web', 'api', 'auth:sanctum']],
'account' => ['prefix' => $prefix . 'profile', 'middleware' => ['web', 'auth']],
'default' => ['prefix' => $prefix . 'shop', 'middleware' => ['web']],
'supplier' => ['prefix' => $prefix . 's', 'middleware' => ['web']],
'page' => ['prefix' => $prefix . 'p', 'middleware' => ['web']],
'home' => ['prefix' => $prefix, 'middleware' => ['web']],
'update' => [],
],Code: Select all
aimeos-extensions/cottage-buttcher dev-development Aimeos cottage-but...
aimeos/ai-admin-graphql 2022.10.7 Aimeos Admin Graph...
aimeos/ai-admin-jqadm 2022.10.8 Aimeos VueJS+Boots...
aimeos/ai-admin-jsonadm 2022.10.2 Aimeos JSON admin ...
aimeos/ai-client-html 2022.10.x-dev 2f8a430 Aimeos standard HT...
aimeos/ai-client-jsonapi 2022.10.4 Aimeos frontend JS...
aimeos/ai-cms-grapesjs 2022.10.8 Aimeos GrapesJS CM...
aimeos/ai-controller-frontend 2022.10.6 Aimeos business co...
aimeos/ai-controller-jobs 2022.10.8 Aimeos job control...
aimeos/ai-laravel 2022.10.6 Laravel adapter fo...
aimeos/ai-payments 2022.10.5 Payment extension ...
aimeos/aimeos-base 2022.10.4 Aimeos base layer ...
aimeos/aimeos-core 2022.10.12 Full-featured e-co...
aimeos/aimeos-laravel 2022.10.6 Professional, full...
aimeos/macro 1.0.0 Dynamically extend...
aimeos/map 3.5.0 Easy and elegant h...
aimeos/upscheme 0.8.7 Database schema up...
brick/math 0.11.0 Arbitrary-precisio...
clue/stream-filter v1.6.0 A simple and moder...
defuse/php-encryption v2.3.1 Secure PHP Encrypt...
dflydev/dot-access-data v3.0.2 Given a deep data ...
doctrine/cache 2.2.0 PHP Doctrine Cache...
doctrine/dbal 3.6.1 Powerful PHP datab...
doctrine/deprecations v1.0.0 A small layer on t...
doctrine/event-manager 2.0.0 The Doctrine Event...
doctrine/inflector 2.0.6 PHP Doctrine Infle...
doctrine/instantiator 2.0.0 A small, lightweig...
doctrine/lexer 3.0.0 PHP Doctrine Lexer...
dragonmantank/cron-expression v3.3.2 CRON for PHP: Calc...
egulias/email-validator 4.0.1 A library for vali...
enshrined/svg-sanitize 0.16.0 An SVG sanitizer f...
ezyang/htmlpurifier v4.16.0 Standards complian...
fakerphp/faker v1.21.0 Faker is a PHP lib...
filp/whoops 2.15.2 php error handling...
firebase/php-jwt v6.4.0 A simple library t...
fruitcake/php-cors v1.2.0 Cross-origin resou...
graham-campbell/result-type v1.1.1 An Implementation ...
guzzlehttp/guzzle 7.5.0 Guzzle is a PHP HT...
guzzlehttp/promises 1.5.2 Guzzle promises li...
guzzlehttp/psr7 2.4.4 PSR-7 message impl...
guzzlehttp/uri-template v1.0.1 A polyfill class f...
hamcrest/hamcrest-php v2.0.1 This is the PHP po...
laminas/laminas-diactoros 2.25.1 PSR HTTP Message i...
laravel/breeze v1.19.2 Minimal Laravel au...
laravel/framework v9.52.5 The Laravel Framew...
laravel/passport v11.8.5 Laravel Passport p...
laravel/sail v1.21.4 Docker files for r...
laravel/sanctum v2.15.1 Laravel Sanctum pr...
laravel/serializable-closure v1.3.0 Laravel Serializab...
laravel/tinker v2.8.1 Powerful REPL for ...
lcobucci/clock 3.0.0 Yet another clock ...
lcobucci/jwt 4.3.0 A simple library t...
league/commonmark 2.4.0 Highly-extensible ...
league/config v1.2.0 Define configurati...
league/event 2.2.0 Event package
league/flysystem 3.14.0 File storage abstr...
league/mime-type-detection 1.11.0 Mime-type detectio...
league/oauth2-server 8.5.1 A lightweight and ...
league/uri 6.8.0 URI manipulation l...
league/uri-interfaces 2.3.0 Common interface f...
mockery/mockery 1.5.1 Mockery is a simpl...
moneyphp/money v4.1.1 PHP implementation...
monolog/monolog 2.9.1 Sends your logs to...
myclabs/deep-copy 1.11.1 Create deep copies...
namshi/jose 7.2.3 JSON Object Signin...
nesbot/carbon 2.66.0 An API extension f...
nette/schema v1.2.3 📐 Nette Schema:...
nette/utils v4.0.0 🛠 Nette Utils:...
nikic/php-parser v4.15.4 A PHP parser writt...
nunomaduro/collision v6.4.0 Cli error handling...
nunomaduro/termwind v1.15.1 Its like Tailwind ...
nyholm/psr7 1.6.0 A fast PHP7 implem...
omnipay/common v3.2.0 Common components ...
omnipay/stripe v3.2.0 Stripe driver for ...
paragonie/constant_time_encoding v2.6.3 Constant-time Impl...
paragonie/random_compat v9.99.100 PHP 5.x polyfill f...
phar-io/manifest 2.0.3 Component for read...
phar-io/version 3.2.1 Library for handli...
php-http/curl-client 2.2.1 PSR-18 and HTTPlug...
php-http/discovery 1.15.3 Finds and installs...
php-http/httplug 2.3.0 HTTPlug, the HTTP ...
php-http/message 1.13.0 HTTP Message relat...
php-http/message-factory v1.0.2 Factory interfaces...
php-http/promise 1.1.0 Promise used for a...
php-open-source-saver/jwt-auth 2.1.0 JSON Web Token Aut...
phpoption/phpoption 1.9.1 Option Type for PHP
phpseclib/phpseclib 3.0.19 PHP Secure Communi...
phpunit/php-code-coverage 9.2.26 Library that provi...
phpunit/php-file-iterator 3.0.6 FilterIterator imp...
phpunit/php-invoker 3.1.1 Invoke callables w...
phpunit/php-text-template 2.0.4 Simple template en...
phpunit/php-timer 5.0.3 Utility class for ...
phpunit/phpunit 9.6.6 The PHP Unit Testi...
psr/cache 3.0.0 Common interface f...
psr/clock 1.0.0 Common interface f...
psr/container 2.0.2 Common Container I...
psr/event-dispatcher 1.0.0 Standard interface...
psr/http-client 1.0.2 Common interface f...
psr/http-factory 1.0.2 Common interfaces ...
psr/http-message 1.1 Common interface f...
psr/log 3.0.0 Common interface f...
psr/simple-cache 3.0.0 Common interfaces ...
psy/psysh v0.11.15 An interactive she...
ralouphie/getallheaders 3.0.3 A polyfill for get...
ramsey/collection 2.0.0 A PHP library for ...
ramsey/uuid 4.x-dev 8e95530 A PHP library for ...
sebastian/cli-parser 1.0.1 Library for parsin...
sebastian/code-unit 1.0.8 Collection of valu...
sebastian/code-unit-reverse-lookup 2.0.3 Looks up which fun...
sebastian/comparator 4.0.8 Provides the funct...
sebastian/complexity 2.0.2 Library for calcul...
sebastian/diff 4.0.4 Diff implementation
sebastian/environment 5.1.5 Provides functiona...
sebastian/exporter 4.0.5 Provides the funct...
sebastian/global-state 5.0.5 Snapshotting of gl...
sebastian/lines-of-code 1.0.3 Library for counti...
sebastian/object-enumerator 4.0.4 Traverses array st...
sebastian/object-reflector 2.0.4 Allows reflection ...
sebastian/recursion-context 4.0.5 Provides functiona...
sebastian/resource-operations 3.0.3 Provides a list of...
sebastian/type 3.2.1 Collection of valu...
sebastian/version 3.0.2 Library that helps...
spatie/backtrace 1.4.0 A better backtrace
spatie/flare-client-php 1.3.6 Send PHP errors to...
spatie/ignition 1.5.0 A beautiful error ...
spatie/laravel-ignition 1.6.4 A beautiful error ...
stripe/stripe-php v10.12.1 Stripe PHP Library
symfony/console v6.2.8 Eases the creation...
symfony/css-selector v6.2.7 Converts CSS selec...
symfony/deprecation-contracts v3.2.1 A generic function...
symfony/error-handler v6.2.7 Provides tools to ...
symfony/event-dispatcher v6.2.8 Provides tools tha...
symfony/event-dispatcher-contracts v3.2.1 Generic abstractio...
symfony/finder v6.2.7 Finds files and di...
symfony/http-foundation v6.2.8 Defines an object-...
symfony/http-kernel v6.2.8 Provides a structu...
symfony/mailer v6.2.8 Helps sending emails
symfony/mime v6.2.7 Allows manipulatin...
symfony/options-resolver v6.2.7 Provides an improv...
symfony/polyfill-ctype v1.27.0 Symfony polyfill f...
symfony/polyfill-intl-grapheme v1.27.0 Symfony polyfill f...
symfony/polyfill-intl-idn v1.27.0 Symfony polyfill f...
symfony/polyfill-intl-normalizer v1.27.0 Symfony polyfill f...
symfony/polyfill-mbstring v1.27.0 Symfony polyfill f...
symfony/polyfill-php56 v1.20.0 Symfony polyfill b...
symfony/polyfill-php72 v1.27.0 Symfony polyfill b...
symfony/polyfill-php80 v1.27.0 Symfony polyfill b...
symfony/polyfill-uuid v1.27.0 Symfony polyfill f...
symfony/process v6.2.8 Executes commands ...
symfony/psr-http-message-bridge v2.1.4 PSR HTTP message b...
symfony/routing v6.2.8 Maps an HTTP reque...
symfony/service-contracts v3.2.1 Generic abstractio...
symfony/string v6.2.8 Provides an object...
symfony/translation v6.2.8 Provides tools to ...
symfony/translation-contracts v3.2.1 Generic abstractio...
symfony/uid v6.2.7 Provides an object...
symfony/var-dumper v6.2.8 Provides mechanism...
symfony/yaml v6.2.7 Loads and dumps YA...
tecnickcom/tcpdf 6.6.2 TCPDF is a PHP cla...
theseer/tokenizer 1.2.1 A small library fo...
tijsverkoyen/css-to-inline-styles 2.2.6 CssToInlineStyles ...
vlucas/phpdotenv v5.5.0 Loads environment ...
voku/portable-ascii 2.0.1 Portable ASCII lib...
webmozart/assert 1.11.0 Assertions to vali...
webonyx/graphql-php v15.2.4 A PHP port of Grap...
Re: API with laravel sanctum
Sanctum is not the best option to use as authentication because it requires the user to have an API key. Instead, use JSON Web Tokens (JWT).
The Aimeos headless distribution already contains a complete setup for JWT and optional authentication for the Aimeos JSON API and we suggest to use the headless distribution if you want to create your own JS frontend. Besides JWT setup, these changes are the most important ones for optional authentication:
https://github.com/aimeos/aimeos-headle ... 54bb28ed00
If you use the HTML frontend, you don't need JWT or Sanctum because then, users can login using the Laravel login form and get a session cookie which you only need to pass back to the server.
The Aimeos headless distribution already contains a complete setup for JWT and optional authentication for the Aimeos JSON API and we suggest to use the headless distribution if you want to create your own JS frontend. Besides JWT setup, these changes are the most important ones for optional authentication:
https://github.com/aimeos/aimeos-headle ... 54bb28ed00
If you use the HTML frontend, you don't need JWT or Sanctum because then, users can login using the Laravel login form and get a session cookie which you only need to pass back to the server.
Professional support and custom implementation are available at Aimeos.com
If you like Aimeos,
give us a star
If you like Aimeos,
give us a star