John Davidson

php - Laravel passport unauthenticated message


I've been hitting wall for a while now with this, simply I can't get it where is the problem. So I've got backend Laravel and front Vue; logging in is alright, I get token but when I get into one of the routes with auth:api I get "message":"Unauthenticated.". I save token on the front, so should I send it with any request to backend or there is other way around it?


    public function login(Request $request)
$login = $request->validate([
'email' => 'required',
'password' => 'required',

return response(['message' => 'Invalid login']);

$user = User::where('email', $request->email)->first();
$accessToken = $user->createToken('Laravel Password Grant Client')->accessToken;
return response()->json(['user' => $user, 'access_token' => $accessToken]);


Route::resource('budget', BudgetController::class);


const state = {
token: localStorage.getItem('access_token') || null,
isAuthenticated: localStorage.getItem('access_token') !== null

const getters = {
isAuthenticated: state => state.isAuthenticated

const actions = {
async retrieveToken({commit}, payload){
const response = + '/login', payload)
.then(response => {
const token =

localStorage.setItem('access_token', token)

commit('setToken', token)

const mutations = {
setToken: (token) => state.token = token

My Answer:
an "Unauthenticated" message.

Here are a few things you can check to troubleshoot this issue:

1. Make sure you are passing the token in the Authorization header of your API requests. The header should look like this: Authorization: Bearer {your_token_here}

2. Check if the token is being stored correctly in the frontend and being sent with each request. You can use browser developer tools to inspect the network requests and see if the token is being included.

3. Verify that the token is valid and has not expired. You can check the token expiration time in the Laravel Passport configuration file.

4. Make sure the routes you are trying to access are protected with the auth:api middleware. You can check this in your routes/api.php file.

5. Check if the user is authenticated before accessing the protected routes. You can use the auth() helper function in your controller methods to check if the user is authenticated.

If you have checked all of the above and are still facing the issue, you may want to try clearing your browser cache or restarting your server to see if that resolves the problem. If the issue persists, you may need to provide more details or code snippets for further assistance.

Rate this post

3 of 5 based on 5006 votes


© 2024 - Personal Blogs Platform. All Rights Reserved.
Create blog  |  Privacy Policy  |  Terms & Conditions  |  Contact Us