0

I have two laravel projects

  • Bac4 laravel v.8
  • InfraProject laravel v.9

I want them to communicate using the Laravel Sanctum API. I want the InfraProject to access some data in the Bac4 project and vice versa.

The Problem

When InfraProject is trying to access the Bac4 using a token, InfraProject is being silly. InfraProject is using its own database to verify the token from the Bac4. Mind you that the Token is in the database of Bac4. I can't seem to find the problem why the InfraProject is using it's own database to verify the token from another database.

I came to this conclusion that the InfraProject is accessing its own database is because i have tried to use a login API

Bac4

Route::post('/login', function (Request $request) {
    $credentials = $request->validate([
        'email' => 'required|email',
        'password' => 'required',
    ]);

    if (!Auth::attempt($credentials)) {
        return response()->json(['message' => 'Invalid credentials'], 401);
    }

    $user = Auth::user();
    $token = $user->createToken('API Token')->plainTextToken;

    return response()->json([
        'user' => $user,
        'token' => $token,
    ]);
});

InfraProject The credentials are definitely in the bac4 database.

$response = Http::post('http://bac4.test/api/login', [
    'email' => 'ba****[email protected]',
    'password' => '******',
]);

$token = $response->json('token');
dd($token, $response);

but when i use a credential from the InfraProject's database. It produced a Token.

What i have tried I have tried to remove the middleware auth:sanctum which i have declared in Bac4. Route::get('prs', [PrController::class, 'index']); But the InfraProject is, again, using its own database to access the prs table.

I ensured that both projects has \Laravel\Sanctum\Http\Middleware\EnsureFrontendRequestsAreStateful::class in the kernel in api array.

I also ensure that all affected models has a $connection specified.

ChatGpt can't figure the root cause of this, so this is my last chance.

I hope that you can help me.

Improve this question

1 Answer 1

Reset to default
0

I implemented similar thing by using laravel-crud-wizard-free coupled with sanctum for authorizing the requests and I did not had this issue. Leave AI out of your coding habit and you will be better.

I suggest you check the laravel https://laravel.com/docs/11.x/sanctum#api-token-authentication documentation on how to use sanctum + make sure each project has its own DB schema.

Improve this answer
Sign up to request clarification or add additional context in comments.

6 Comments

Thank you for your insight. I should let you know that when i use another system (Permitting System) to access the bac4, there is no problem. But when i use the infraproject there is a problem. And besides I have a working knowledge of API Sanctum, so there is really no need for me to review the docs again. Anyway, thank you for your answer.
@RexZednelab the InfraProject accessing its own database for checking the token when it is the initiator of the request makes no sense. InfraProject should call login on bac4 to get a token, then is should make the request to bac4 with the bearer token in header. Maybe you are saving the login token in InfraProject's db and taking it from there but it could be expired.
I know right. It doesn't make sense at all. That's why I am here to ask you guys, what could be the problem. Does this scenario happen before?
Are you sure the endpoint url is set right in both bac4 APP_URL and in the infra project as destination url?
It is really nice of you to be curious of what is the setup. But yes, the URL's are correct. bac4.test.
|

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.