Skip to content

DEV Community

David Carr

Posted on May 7, 2020 • Originally published at dcblog.dev on Feb 29, 2020

Laravel returns 302 for unauthenticated calls

I've started to secure API calls with Laravel Airlock, when calling a route that's been secured with the middleware auth:airlock unauthenticated calls we're returning a status code of 302 means the route has been found. When 401 unauthenticated should have been returned.

Turns out it was not a Laravel Airlock issue but how Laravel handles ajax calls in order for an API call to be treated as an API call it requires a header called Accept and a value of application/json. With this heading in place, 401 will be returned for unauthenticated calls.

Top comments (0)

Subscribe

Read next

Scaling Google Cloud Pub/Sub: Horizontal vs. Vertical Approaches

Vaibhav Solanki - Apr 24

Understanding the Basics of How the Web Works

Oloruntobi Ajayi - Apr 24

6 Best Docker Alternatives in 2024

supportfly - Apr 24

Benefits of Using React Js For Custom Web Development

oliviaeve - Apr 24

For the past 18 years, I've been developing applications using mostly PHP. I love to write tutorials and get involved with the community.

Location

Hull, East Yorkshire, England
Education

Degree
Joined

Aug 26, 2018

GitHub patch release previous version

How to disable Laravel console commands

#laravel #console #commands

The podcasts I listen to as a PHP developer