jeudi 30 novembre 2017

Laravel / VueJS 403 despite hardset true values

I've got an SPA where I'm using Laravel 5.5 as the framework and VueJS in the frontend. I've installed passport but am unsure whether I've done it properly as the documentation seems to go a little bit over my head.

Any post requests that attempt to verify the user through laravel's policies are returning back 403. Even when I hard code a true response through the Policy I still return a 403? The framework and SPA are on the same domain.

Process flow:

axios.delete('/api/barracks/reply/delete/' + this.reply.id, {
   id: this.reply.id
});

-> Which processes through here in my Routes/API

Route::delete('/barracks/reply/delete/{reply}','ForumRepliesController@destroy');

Which then goes here:

public function destroy(ForumReply $reply)
{
    $this->authorize('update', $reply);
}

Which then goes through this:

public function update(User $user, ForumReply $forumReply)
{

    return true;

}

It returns a 403 error. What is also strange is that if I manually try to do the validation with something like an Auth::id()==$reply->id logic it fails because the Auth::id is null??? However in a create method it's able to correctly insert auth()->id() for the same controller.



via Chebli Mohamed

Aucun commentaire:

Enregistrer un commentaire