Laravel 6 - auth()->user()||Auth::user() not working on a route where verifycsrfToken middleware is disabled, return empty object

Stack Overflow Asked by Simon Angatia on December 11, 2020

I have two methods in the same controller. Now, one of the routes handles the POST requests from an API and I had to disable the VerifyCsrfToken middleware because it wasn’t receiving data then, and since it is a callback URL, it has to receive data in order to save or do something to the data. Before I disabled the VerifyCsrfToken middleware on the route, the POST request was throwing an error that the page expired. This worked when I disabled the middleware though. Now this developed yet another problem, I can’t access the current logged in user through auth()->user()||Auth::user();, it returns an empty object yet I can access the logged-in user from the other methods on the same controller. Whoever knows any solution to this problem?

One Answer

The answer is that you will not be able to get an authenticated user from Auth::user() because there isn't one for this request.

The only way you would be able to find any User from this request would be if there was some identifying information in the POST request from the other server that you could then use to match to a User yourself.

To make this even simpler:

If you log into your website, then I (from a completely different host and client) send a request to your server am I now authenticated as you? NO

This is the same exact thing happening here.


This route shouldn't have the web group of middleware assigned to it since it is not using sessions. This group is what does the CSRF token check as well (which is session based). Might be better in api.php but would require updating the other server with a different URL unless you change the prefix for the API routes.

Answered by lagbox on December 11, 2020

Add your own answers!

Related Questions

how to count number of file with a matching pattern using python

2  Asked on February 16, 2021 by suryansh-mathur


R First Row By Group When Condition Is Met

4  Asked on February 16, 2021 by bvowe


C++ program won’t print anything with vectors?

2  Asked on February 16, 2021 by luckylone-official


What is damping for?

3  Asked on February 16, 2021 by lix


Spring 5 MVC not finding mapping to controller returning JSON

2  Asked on February 16, 2021 by gary-kephart


Pointer value in c

3  Asked on February 15, 2021 by gsoap


Memory allocation of map[int]interface{} vs map[int]struct{}

2  Asked on February 15, 2021 by gabriel-gonzalez


Does the “leftmost prefix rule” of Index applies to SQL Server?

2  Asked on February 15, 2021 by drillfreak100


How to add ArrayList to JsonObject in Kotlin

2  Asked on February 15, 2021 by rajitha-perera


How to get data from axios request?

1  Asked on February 15, 2021 by theyaxxe


Ask a Question

Get help from others!

© 2022 All rights reserved. Sites we Love: PCI Database, MenuIva, UKBizDB, Menu Kuliner, Sharing RPP