My Laravel + GatsbyJS app uses auth:sanctum for login management, other users are getting server 500 errors, but my login is working fine
P粉215292716
2023-09-04 09:08:41
<p>So I have an app (using laravel for the backend and GatsbyJS for the frontend) that I'm helping develop.
A month ago, all users were able to log in without issues. But I found that now, all users cannot log in in the production environment (except me). </p>
<p>login.jsx file</p>
<pre class="brush:php;toolbar:false;">const formChanged = async (e) => {
setError(false);
e.preventDefault();
setSubmitting(true);
let loginData = getValues();
let response = await login(loginData.email, loginData.password);
setSubmitting(false);
if (response.error) {
setError(true);
setValue('password', '');
} else {
navigate('/app/idm/');
}
};</pre>
<p>let response = await login() calls a method named login, which is located in the api.js file</p>
<p>api.js file</p>
<pre class="brush:php;toolbar:false;">// Log in to the application
export const login = async (email, password) => {
// send request
let response = await makeRequest('post', '/login', { email, password });
// If there are no errors, set the token and user
if (!response.error && isBrowser()) {
localStorage.setItem('idm_token', response.data.access_token);
let my_user = JSON.stringify(await me(response.data.access_token));
localStorage.setItem('idm_user', my_user);
}
return response;
};</pre>
<p>When we pass the email and password, this data is verified and at this point, all users are able to generate tokens without issue. </p>
<p> (For reference only, the code to generate the sanctum token)
api.php file</p>
<pre class="brush:php;toolbar:false;">Route::post('/login', function(Request $request) {
$login = $request->only('email', 'password');
if (Auth::attempt($login)) {
$user = User::where('email', $request['email'])->firstOrFail();
$token = $user->createToken('auth_token')->plainTextToken;
return response()->json([
'access_token' => $token,
'token_type' => 'Bearer'
]);
}
return response()->json(["message" => "Authentication failed"], 401);
})->name('api.login');</pre>
<p>The problem appears to be accessing routes that are currently protected by auth:sanctum. Again, all users are able to generate tokens, but only my login details allow me to access the route.
All other users will receive a server 500 error. </p>
<p>This happens in the api.js file when we try to get my_user details: </p>
<pre class="brush:php;toolbar:false;">let my_user = JSON.stringify(await me(response.data.access_token));</pre>
<p>Another problem I'm having is that my laravel application in production stopped outputting errors a few months ago and I can't figure out how to fix the error logging issue in production (in development, Error logging is OK).</p>
<p>Sorry for the lack of details, I'm very new to all this and if there are any tips or things to try I'd really appreciate it, even if I don't get the answer I'm more than willing to work on learning and solving this question. </p>
![[Web front-end] Node.js quick start](https://img.php.cn/upload/course/000/000/067/662b5d34ba7c0227.png)
To further troubleshoot the issue, I decided to look at why I wasn't receiving the error logs.
I decided to set the storage folder and its contents to chmod 777
Add -R to recursively set content to 777
This actually solved my login issue, but I noticed that after returning the permission level to 775, some users were able to log in again, but not all.
Then I thought, maybe there is a permission issue with my log file/folder and maybe that's why I'm not getting the error log printed out?
So I looked further into my laravel.log file. Turns out it can only be read by the user (ubuntu:ubuntu). I decided to change its group to www-data
This is very helpful to me, I am able to record error logs in laravel again!
Now I see my error, roughly as follows:
So I checked every permission under storage and found that my data folder can only be accessed by the user
I added www-data as a group of the data folder:
Now, my problem is solved! (Note: My chmod permissions have been restored to 775)