8194460 Laravel returns 302 for unauthenticated calls - DC Blog

Laravel returns 302 for unauthenticated calls

Laravel Developer David Carr

David Carr

Laravel Framework API Tutorials

I've started to secure API calls with Laravel Airlock, when calling a route that's been secured with the middleware auth:airlock unauthenticated calls we're returning a status code of 302 means the route has been found. When 401 unauthenticated should have been returned.

Turns out it was not a Laravel Airlock issue but how Laravel handles ajax calls in order for an API call to be treated as an API call it requires a header called Accept and a value of application/json. With this heading in place, 401 will be returned for unauthenticated calls.

Subscribe to my newsletter for the latest updates on my books and digital products.

Search DC Blog

Find posts, tutorials, and resources quickly.

Searching...
Laravel Developer David Carr

David Carr

Senior Software Engineer

View all posts

Subscribe to our Newsletter

Subscribe to my newsletter for the latest updates on my books and digital products.

Related Articles

Preview a domain by editing your host file

Preview a domain by editing your host file

Sep 25, 2013
Detecting and replacing bad words in PHP

Detecting and replacing bad words in PHP

Jun 4, 2013
Importing Wordpress posts to another system using the exported XML file

Importing Wordpress posts to another system using the exported XML file

Feb 11, 2014

Categories

You Might Also Like