I am using passport to signup and login a user using api an guard, but while the signup process works fine I cannot login using my code. I have tested it on another VM where it works fine.
The returned JSON is
{
"message": "Unauthorized",
"request": {
"username": "lloyd.thomas.admin",
"password": "mypassowrd"
}
}
I have used the native password_verify to test passowrd and it shows it as being valid. Authcontroller.php
public function login(Request $request) {
$request->validate([
'username' => 'required|string',
'password' => 'required|string',
'remember_me' => 'boolean'
]);
$credentials = request(['username', 'password']);
if (!Auth::attempt($credentials)){
return response()->json([
'message' => 'Unauthorized',
'request' => request(['username', 'password']),
], 401);
}
$user = $request->user();
$tokenResult = $user->createToken('Personal Access Token');
$token = $tokenResult->token;
if ($request->remember_me){
$token->expires_at = Carbon::now()->addWeeks(1);
}
$token->save();
return response()->json([
'access_token' => $tokenResult->accessToken,
'token_type' => 'Bearer',
'expires_at' => Carbon::parse(
$tokenResult->token->expires_at
)->toDateTimeString()
]);
}
In App/Models/User
public function setPasswordAttribute($password) {
$this->attributes['password'] = bcrypt($password);
}
In Routes api.php
Route::group([
'prefix' => 'auth'
], function () {
Route::post('login', 'ApiControllers\AuthController@login');
Route::post('signup', 'ApiControllers\AuthController@signup');
Route::group([
'middleware' => 'auth:api'
], function() {
Route::get('logout', 'ApiControllers\AuthController@logout');
Route::get('user', 'ApiControllers\AuthController@user');
});
});
The username and password passes authentication when using web guard but not api
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'api' => [
'driver' => 'passport',
'provider' => 'users',
],
],
