5

I have the following routes in place:

Route::group(['prefix' => 'api/v1', 'middleware' => 'api'], function() {
    Route::resource('authenticate', 'AuthenticateController', ['only' => ['index']]);
    Route::post('authenticate', 'AuthenticateController@authenticate');
    Route::resource('users', 'UserController');
});

The UserController has a test to ensure that when a user is submitted via POST, that it validates the input correctly. This should return a 422 when invalid, but it actually returns a 302. In Postman, it raises a CSRF token error, suggesting the web middleware group is being applied, which is not the behaviour I want.

How can I prevent this happening?

Improve this question

1 Answer 1

Reset to default
8

In RouteServiceProvider.php change

    $router->group([
        'namespace' => $this->namespace, 'middleware' => 'web',
    ], function ($router) {
        require app_path('Http/routes.php');
    });

to:

    $router->group([
        'namespace' => $this->namespace,
    ], function ($router) {
        require app_path('Http/routes.php');
    });

And then wrap your web routes with Route::group(['middleware' => 'web']) in routes.php. So api routes will be not affected by web middleware.

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

I was also not getting the $errors in the views and in route:list I was seeing web middleware as appearing twice. But, this was the solution to solve both.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.