You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I'm having such a strange issue I don't understand what could be wrong.
My code/configuration locally is not behaving the same way in production.
The workflow
Send a login request and receive back an access_token
Send a second request with the access_token in the header as: Authorization: Bearer ...
In production
Step 1 works I receive back the access_token.
Step 2, I always get back a null user session. I checked in production and the Authorization header does arrive intact and the value is also correct. But then why would it not process this properly like in localhost?
Specifically my issue is here: src/server/vendor/nuwave/lighthouse/src/Support/Http/Middleware/AttemptAuthentication.php
protected function attemptAuthentication(array $guards): void
{
if (empty($guards)) {
$guards = [config('lighthouse.guard')];
}
foreach ($guards as $guard) {
if ($this->authFactory->guard($guard)->check()) { // <---- the culprint
$this->authFactory->shouldUse($guard);
return;
}
}
}
On both development and production guards has the same value of ['api'].
However in development the following line returns true, but in production this returns false
$this->authFactory->guard($guard)->check()
How could this be? It's the exact same code running.
I specifically validated on production that the token I'm sending does not get altered and is properly received. It is the token specifically returned by the login endpoint of production.
The text was updated successfully, but these errors were encountered:
@newtoniumx3 Make sure your web server is passing along the Authorization header, some servers are not configure to allow that header to be passed on the request so the header will never get there to be validated.
I'm having such a strange issue I don't understand what could be wrong.
My code/configuration locally is not behaving the same way in production.
The workflow
In production
Specifically my issue is here:
src/server/vendor/nuwave/lighthouse/src/Support/Http/Middleware/AttemptAuthentication.php
On both development and production guards has the same value of ['api'].
However in development the following line returns true, but in production this returns false
How could this be? It's the exact same code running.
I specifically validated on production that the token I'm sending does not get altered and is properly received. It is the token specifically returned by the login endpoint of production.
The text was updated successfully, but these errors were encountered: