public/pp-planer
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

fix(auth): add Sanctum stateful middleware so SPA API routes work with session cookies

Browse source 
- Add EnsureFrontendRequestsAreStateful to api middleware stack
- Create config/sanctum.php with cts-work.test as stateful domain
- Fixes 'Unauthenticated' error on SongDB and other API-backed pages
This commit is contained in:
Thorsten Bus 2026-03-02 13:25:29 +01:00
parent 22f1829132
commit 6c59922e96
2 changed files with 9 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
bootstrap/app.php
View file

@ -19,6 +19,10 @@
$schedule->command('cts:sync')->hourly(); $schedule->command('cts:sync')->hourly();
}) })
->withMiddleware(function (Middleware $middleware): void { ->withMiddleware(function (Middleware $middleware): void {
$middleware->api(prepend: [
\Laravel\Sanctum\Http\Middleware\EnsureFrontendRequestsAreStateful::class,
]);
$middleware->web(append: [ $middleware->web(append: [
\App\Http\Middleware\HandleInertiaRequests::class, \App\Http\Middleware\HandleInertiaRequests::class,
\Illuminate\Http\Middleware\AddLinkHeadersForPreloadedAssets::class, \Illuminate\Http\Middleware\AddLinkHeadersForPreloadedAssets::class,

5
config/sanctum.php Normal file
View file

@ -0,0 +1,5 @@
<?php
return [
'stateful' => explode(',', env('SANCTUM_STATEFUL_DOMAINS', 'localhost,localhost:8000,127.0.0.1,127.0.0.1:8000,::1,cts-work.test')),
];