fix sanctum configuration

Author: AmonDeShir

bootstrap/app.php

@@ -9,10 +9,12 @@
 return Application::configure(basePath: dirname(__DIR__))
     ->withRouting(
         web: __DIR__ . "/../routes/web.php",
+        api: __DIR__ . "/../routes/api.php",
         commands: __DIR__ . "/../routes/console.php",
         health: "/up",
     )
     ->withMiddleware(function (Middleware $middleware): void {
+        $middleware->statefulApi();
     })
     ->withExceptions(function (Exceptions $exceptions): void {
     })->create();

config/cors.php

@@ -0,0 +1,34 @@
+<?php
+
+declare(strict_types=1);
+
+return [
+    /*
+    |--------------------------------------------------------------------------
+    | Cross-Origin Resource Sharing (CORS) Configuration
+    |--------------------------------------------------------------------------
+    |
+    | Here you may configure your settings for cross-origin resource sharing
+    | or "CORS". This determines what cross-origin operations may execute
+    | in web browsers. You are free to adjust these settings as needed.
+    |
+    | To learn more: https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS
+    |
+    */
+
+    "paths" => ["api/*", "sanctum/csrf-cookie"],
+
+    "allowed_methods" => ["*"],
+
+    "allowed_origins" => ["*"],
+
+    "allowed_origins_patterns" => [],
+
+    "allowed_headers" => ["*"],
+
+    "exposed_headers" => [],
+
+    "max_age" => 0,
+
+    "supports_credentials" => false,
+];

database/seeders/DatabaseSeeder.php

@@ -14,8 +14,10 @@ public function run(): void
         $this->call(RoleSeeder::class);
         $this->call(PermissionsSeeder::class);
 
-        User::factory([
-            "email" => "[email protected]",
-        ])->admin()->create();
+        if (User::query()->where("email", "=", "[email protected]")->count() === 0) {
+            User::factory([
+                "email" => "[email protected]",
+            ])->admin()->create();
+        }
     }
 }

routes/api.php

@@ -3,31 +3,27 @@
 declare(strict_types=1);
 
 use CommunityWithLegends\Models\User;
-use Illuminate\Http\JsonResponse;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Hash;
 use Illuminate\Support\Facades\Route;
 use Illuminate\Validation\ValidationException;
 
-Route::middleware("auth:sanctum")->get("/user", fn(Request $request): JsonResponse => new JsonResponse($request->user()));
-Route::post('/sanctum/token', function (Request $request) {
+Route::post("/auth/token", function (Request $request) {
     $request->validate([
-        'email' => 'required|email',
-        'password' => 'required',
-        'device_name' => 'required',
+        "email" => "required|email",
+        "password" => "required",
+        "device_name" => "required",
     ]);
 
-    $user = User::where('email', $request->email)->first();
+    $user = User::query()->where("email", $request->email)->first();
 
-    if (! $user || ! Hash::check($request->password, $user->password)) {
+    if (!$user || !Hash::check($request->password, $user->password)) {
         throw ValidationException::withMessages([
-            'email' => ['The provided credentials are incorrect.'],
+            "email" => ["The provided credentials are incorrect."],
         ]);
     }
 
     return $user->createToken($request->device_name)->plainTextToken;
 });
 
-Route::get("/a", fn(): JsonResponse => response()->json([
-    "message" => "Welcome2",
-]));
+Route::get("/user", fn(Request $request) => $request->user())->middleware("auth:sanctum");

routes/web.php

@@ -8,5 +8,3 @@
 Route::get("/", fn(): JsonResponse => response()->json([
     "message" => "Welcome",
 ]));
-
-include "api.php";