John Davidson

php - Laravel9: route parameter always missing in validation


I am using Laravel v9.2.1 + Laravel Sanctum v2.14.1

I got a route

DELETE /api/v1/auth/tokens/{token}

for example (the token is an uuid)


And I am sure it works as expected via php artisan route:list

Before handling by the Controller, it should be validated by a FormRequest


namespace App\Http\Controllers\V1\Auth;

use App\Http\Requests\V1\Auth\Tokens\{

class TokensController extends Controller
public function destroy(DestroyRequest $request) {
$request->user()->tokens()->where('id', $request->token)->first()->delete();
return response()->noContent();


class DestroyRequest extends FormRequest
public function rules()
return [
'token' => [
Rule::exists('personal_access_tokens')->where(function ($query) {
return $query->where('tokenable_id', $this->user()->id);

But what I only got is The token field is required

I had already pass the token, why the 'required' rule still working?

What I tried

Only if I pass the token parameter like below, it will work

DELETE /api/auth/tokens/something?token=test_regex_is_working

I try to dd($this->token) in app/Http/Requests/V1/Auth/Tokens/DestroyRequest.php, it works as expected.

My Answer:
> In your `DestroyRequest` class, make sure you are properly defining the rules for validating the `token` parameter. Here is an example of how you can do this:

namespace App\Http\Requests\V1\Auth\Tokens;

use Illuminate\Foundation\Http\FormRequest;

class DestroyRequest extends FormRequest
public function authorize()
return true;

public function rules()
return [
'token' => 'required|uuid', // Add validation rules for the token parameter

By adding the `'token' => 'required|uuid'` rule in the `rules()` method of your `DestroyRequest` class, Laravel will validate that the `token` parameter is present in the request and is a valid UUID before allowing the request to be processed by the controller.

Make sure to also import the necessary classes in your `DestroyRequest` class, such as `use Illuminate\Foundation\Http\FormRequest;` and any other classes that may be needed for validation.

After making these changes, try sending a DELETE request to your endpoint with the `token` parameter included, and Laravel should now properly validate the request before passing it to the controller.

Rate this post

3 of 5 based on 7453 votes


© 2024 - Personal Blogs Platform. All Rights Reserved.
Create blog  |  Privacy Policy  |  Terms & Conditions  |  Contact Us