Restricting access of a specific user to POST,DELETE,PATCH,PUT - laravel

I have Laravel 5.6 installed.
I would like to give Demo account to a user, which cannot INSERT or UPDATE anything but view everything.
I don't have a group of roles in my system. I just want to hardcode the user id in somewhere and restrict these actions.
I googled and found a lot of different approaches ( https://laracasts.com/discuss/channels/laravel/protecting-route-for-specific-user ) , which is far more than what I need. I just simply want to restrict this functions to specific users in all website.
Domain | Method | URI | Name | Action | Middleware |
+--------+-----------+-------------------------------------------------------+---------------------------------+------------------------------------------------------------------------------------+--------------------------------------------------+
| | GET|HEAD | / | | Closure | web |
| | GET|HEAD | _debugbar/assets/javascript | debugbar.assets.js | Barryvdh\Debugbar\Controllers\AssetController#js | Barryvdh\Debugbar\Middleware\DebugbarEnabled |
| | GET|HEAD | _debugbar/assets/stylesheets | debugbar.assets.css | Barryvdh\Debugbar\Controllers\AssetController#css | Barryvdh\Debugbar\Middleware\DebugbarEnabled |
| | DELETE | _debugbar/cache/{key}/{tags?} | debugbar.cache.delete | Barryvdh\Debugbar\Controllers\CacheController#delete | Barryvdh\Debugbar\Middleware\DebugbarEnabled |
| | GET|HEAD | _debugbar/clockwork/{id} | debugbar.clockwork | Barryvdh\Debugbar\Controllers\OpenHandlerController#clockwork | Barryvdh\Debugbar\Middleware\DebugbarEnabled |
| | GET|HEAD | _debugbar/open | debugbar.openhandler | Barryvdh\Debugbar\Controllers\OpenHandlerController#handle | Barryvdh\Debugbar\Middleware\DebugbarEnabled |
| | GET|HEAD | api/user | | Closure | api,auth:api |
| | GET|HEAD | giris | | Closure | web |
| | GET|HEAD | horizon/api/jobs/failed | horizon.failed-jobs.index | Laravel\Horizon\Http\Controllers\FailedJobsController#index | web,Laravel\Horizon\Http\Middleware\Authenticate |
| | GET|HEAD | horizon/api/jobs/failed/{id} | horizon.failed-jobs.show | Laravel\Horizon\Http\Controllers\FailedJobsController#show | web,Laravel\Horizon\Http\Middleware\Authenticate |
| | GET|HEAD | horizon/api/jobs/recent | horizon.recent-jobs.index | Laravel\Horizon\Http\Controllers\RecentJobsController#index | web,Laravel\Horizon\Http\Middleware\Authenticate |
| | POST | horizon/api/jobs/retry/{id} | horizon.retry-jobs.show | Laravel\Horizon\Http\Controllers\RetryController#store | web,Laravel\Horizon\Http\Middleware\Authenticate |
| | GET|HEAD | horizon/api/masters | horizon.masters.index | Laravel\Horizon\Http\Controllers\MasterSupervisorController#index | web,Laravel\Horizon\Http\Middleware\Authenticate |
| | GET|HEAD | horizon/api/metrics/jobs | horizon.jobs-metrics.index | Laravel\Horizon\Http\Controllers\JobMetricsController#index | web,Laravel\Horizon\Http\Middleware\Authenticate |
| | GET|HEAD | horizon/api/metrics/jobs/{id} | horizon.jobs-metrics.show | Laravel\Horizon\Http\Controllers\JobMetricsController#show | web,Laravel\Horizon\Http\Middleware\Authenticate |
| | GET|HEAD | horizon/api/metrics/queues | horizon.queues-metrics.index | Laravel\Horizon\Http\Controllers\QueueMetricsController#index | web,Laravel\Horizon\Http\Middleware\Authenticate |
| | GET|HEAD | horizon/api/metrics/queues/{id} | horizon.queues-metrics.show | Laravel\Horizon\Http\Controllers\QueueMetricsController#show | web,Laravel\Horizon\Http\Middleware\Authenticate |
| | POST | horizon/api/monitoring | horizon.monitoring.store | Laravel\Horizon\Http\Controllers\MonitoringController#store | web,Laravel\Horizon\Http\Middleware\Authenticate |
| | GET|HEAD | horizon/api/monitoring | horizon.monitoring.index | Laravel\Horizon\Http\Controllers\MonitoringController#index | web,Laravel\Horizon\Http\Middleware\Authenticate |
| | GET|HEAD | horizon/api/monitoring/{tag} | horizon.monitoring-tag.paginate | Laravel\Horizon\Http\Controllers\MonitoringController#paginate | web,Laravel\Horizon\Http\Middleware\Authenticate |
| | DELETE | horizon/api/monitoring/{tag} | horizon.monitoring-tag.destroy | Laravel\Horizon\Http\Controllers\MonitoringController#destroy | web,Laravel\Horizon\Http\Middleware\Authenticate |
| | GET|HEAD | horizon/api/stats | horizon.stats.index | Laravel\Horizon\Http\Controllers\DashboardStatsController#index | web,Laravel\Horizon\Http\Middleware\Authenticate |
| | GET|HEAD | horizon/api/workload | horizon.workload.index | Laravel\Horizon\Http\Controllers\WorkloadController#index | web,Laravel\Horizon\Http\Middleware\Authenticate |
| | GET|HEAD | horizon/{view?} | horizon.index | Laravel\Horizon\Http\Controllers\HomeController#index | web,Laravel\Horizon\Http\Middleware\Authenticate |

Quickest way will be to create a simple middleware where you abort if it's that specific user.
To create the middleware you can use the artisan command make:middleware
php artisan make:middleware LimitUserIdX
In the newly created file (app/Http/Middleware/LimitUserIdX.php) you can just check if the authentify user id is X and if so, abort with error code 403 (permission denied), like this:
public function handle($request, Closure $next)
{
$userId = Auth::id();
if($userId == 5) {
abort(403);
}
return $next($request);
}
change the 5 to the user you want to limit.
Edit: I've missed understood the question, this is a correction.
You should add the newly created middleware to Laravel global middlewares list. Just go to App/Http/Kernel.php and add the class to the $middleware var. This will make Laravel run your middleware on all HTTP requests to your application (without the need to add it to each and every route definition).
Then, you will also want to edit the middleware itself to check for the requested method before aborting, like this:
public function handle($request, Closure $next)
{
$userId = Auth::id();
if(request()->method() != "GET" && request()->method() != "HEAD" && $userId == 5) {
abort(403);
}
return $next($request);
}

Related

laravel ui auth /login 404 not found

i cant access the auth pages it always redirect 404 not found .
it was work just fine before ,i dont know whats going on suddenly
this is my route file
Route::get('/', function () {
return redirect(app()->getLocale());
});
Auth::routes();
and this my route list
+--------+----------------------------------------+------------------------------------------------------------+------------------------------+------------------------------------------------------------------------+-------------------------------------------------------------+
| Domain | Method | URI | Name | Action
| Middleware |
+--------+----------------------------------------+------------------------------------------------------------+------------------------------+------------------------------------------------------------------------+-------------------------------------------------------------+
| | |
| App\Http\Middleware\RedirectIfAuthenticated |
| | POST | login | generated::csqSXSmjhYevTLX7 | App\Http\Controllers\Auth\LoginController#login | web |
| | | | |
| App\Http\Middleware\RedirectIfAuthenticated |
| | POST | logout | logout | App\Http\Controllers\Auth\LoginController#logout | web |
| | GET|HEAD | password/confirm | password.confirm | App\Http\Controllers\Auth\ConfirmPasswordController#showConfirmForm | web |
| | | | |
| App\Http\Middleware\Authenticate |
| | POST | password/confirm | generated::FOcpGH5OrG9S8e7r | App\Http\Controllers\Auth\ConfirmPasswordController#confirm | web |
| | | | |
| App\Http\Middleware\Authenticate |
| | POST | password/email | password.email | App\Http\Controllers\Auth\ForgotPasswordController#sendResetLinkEmail | web |
| | GET|HEAD | password/reset | password.request | App\Http\Controllers\Auth\ForgotPasswordController#showLinkRequestForm | web |
| | POST | password/reset | password.update | App\Http\Controllers\Auth\ResetPasswordController#reset | web |
| | GET|HEAD | password/reset/{token} | password.reset | App\Http\Controllers\Auth\ResetPasswordController#showResetForm | web |
| | GET|HEAD | register | register | App\Http\Controllers\Auth\RegisterController#showRegistrationForm | web |
| | | | |
| App\Http\Middleware\RedirectIfAuthenticated |
| | POST | register | generated::28dngmMiIB5ZE1p8 | App\Http\Controllers\Auth\RegisterController#register | web |
| | | | |
|
| | GET|HEAD | {locale} | site.index | App\Http\Controllers\Site\HomeController#index | web |
| | | | |
| App\Http\Middleware\SetLocale |
| | GET|HEAD | {locale}/chooseus/{chooseus} | site.chooseus.detail | App\Http\Controllers\Site\ChooseusController#detail | web |
| | | | |
| App\Http\Middleware\SetLocale |
| | POST | {locale}/contact-us/send | site.contact.send | App\Http\Controllers\Site\ContactController#send | web |
| | | | |
+--------+----------------------------------------+------------------------------------------------------------+------------------------------+------------------------------------------------------------------------+-------------------------------------------------------------+
i tried to reinstall laravel ui but that didn't work
Your route {locale} may que interfering with the login route. Since both are first level routes, the {locale} is taking precedence, therefore not showing you the `login`` route.
You should consider using other route syntax, like /content/{locale} for example.

Laravel route undefined but it is clearly defined

I am having problems getting some routes to work. I have clearly declared some routes that just don't show up in php artisan route:list, even after clearing the cache.
Since I think this may be related to another line not being correct, I have pasted the entire routes file here. All the admin routes are working, but some "pro" and some "shop" routes are missing completely! There are several missing, so I will not list them all. I am out of thoughts as to how this is happening.
Auth::routes();
Route::prefix('cms')->middleware(['role:admin'])->namespace('Admin')->name('cms.admin.')->group(function () {
Route::get('', 'CmsController#index')->name('index');
Route::get('instellingen', 'CmsController#getSetting')->name('setting.get');
Route::match(['put', 'patch'], 'instellingen', 'CmsController#updateSetting')->name('setting.update');
Route::resource('coaches', 'ProController')->names('pro');
Route::resource('winkels', 'ShopController')->names('shop');
Route::resource('adviezen', 'AdviceController')->names('advice');
Route::resource('notificaties', 'NotificationController')->names('notification');
});
Route::prefix('account')->name('account.')->group(function () {
Route::middleware(['role:shop'])->namespace('Shop')->name('shop.')->group(function () {
Route::get('', 'AccountController#index')->name('index');
Route::get('instellingen', 'AccountController#getSetting')->name('setting.get');
Route::match(['put', 'patch'], 'instellingen', 'AccountController#postSetting')->name('setting.post');
Route::get('profiel', 'AccountController#getProfile')->name('profile.get');
Route::match(['put', 'patch'], 'profiel', 'AccountController#postProfile')->name('profile.post');
Route::get('coaches', 'AccountController#getPro')->name('pro.get');
Route::match(['put', 'patch'], 'coaches', 'AccountController#postPro')->name('pro.post');
Route::resource('adviezen', 'AdviceController')->names('advice');
});
Route::middleware(['role:pro'])->namespace('Pro')->name('pro.')->group(function () {
Route::get('', 'AccountController#index')->name('index');
Route::get('profiel', 'AccountController#getProfile')->name('profile.get');
Route::match(['put', 'patch', 'delete'], 'profiel', 'AccountController#postProfile')->name('profile.post');
Route::get('winkel', 'AccountController#getShop')->name('shop.get');
Route::match(['post', 'delete'], 'winkel', 'AccountController#postShop')->name('shop.post');
Route::get('postvak', 'AccountController#getNotification')->name('notification.get');
Route::post('postvak', 'AccountController#postNotification')->name('notification.post');
Route::resource('adviezen', 'AdviceController')->names('advice');
});
});
Route::get('', 'SiteController#index')->name('site.index');
Result when printing the php artisan route:list -c (Yes, I know this is quite a lot of text, but I think it is necessary to see the complete picture and might help in the solving of this particular problem)
+------------------+------------------------------------+------------------------------------------------------------------------+
| Method | URI | Action |
+------------------+------------------------------------+------------------------------------------------------------------------+
| GET|HEAD | / | App\Http\Controllers\SiteController#index |
| GET|HEAD | _debugbar/assets/javascript | Barryvdh\Debugbar\Controllers\AssetController#js |
| GET|HEAD | _debugbar/assets/stylesheets | Barryvdh\Debugbar\Controllers\AssetController#css |
| DELETE | _debugbar/cache/{key}/{tags?} | Barryvdh\Debugbar\Controllers\CacheController#delete |
| GET|HEAD | _debugbar/clockwork/{id} | Barryvdh\Debugbar\Controllers\OpenHandlerController#clockwork |
| GET|HEAD | _debugbar/open | Barryvdh\Debugbar\Controllers\OpenHandlerController#handle |
| GET|HEAD | _debugbar/telescope/{id} | Barryvdh\Debugbar\Controllers\TelescopeController#show |
| GET|HEAD | account | App\Http\Controllers\Pro\AccountController#index |
| POST | account/adviezen | App\Http\Controllers\Pro\AdviceController#store |
| GET|HEAD | account/adviezen | App\Http\Controllers\Pro\AdviceController#index |
| GET|HEAD | account/adviezen/create | App\Http\Controllers\Pro\AdviceController#create |
| PUT|PATCH | account/adviezen/{adviezen} | App\Http\Controllers\Pro\AdviceController#update |
| GET|HEAD | account/adviezen/{adviezen} | App\Http\Controllers\Pro\AdviceController#show |
| DELETE | account/adviezen/{adviezen} | App\Http\Controllers\Pro\AdviceController#destroy |
| GET|HEAD | account/adviezen/{adviezen}/edit | App\Http\Controllers\Pro\AdviceController#edit |
| PUT|PATCH | account/coaches | App\Http\Controllers\Shop\AccountController#postPro |
| GET|HEAD | account/coaches | App\Http\Controllers\Shop\AccountController#getPro |
| GET|HEAD | account/instellingen | App\Http\Controllers\Shop\AccountController#getSetting |
| PUT|PATCH | account/instellingen | App\Http\Controllers\Shop\AccountController#postSetting |
| GET|HEAD | account/postvak | App\Http\Controllers\Pro\AccountController#getNotification |
| POST | account/postvak | App\Http\Controllers\Pro\AccountController#postNotification |
| PUT|PATCH|DELETE | account/profiel | App\Http\Controllers\Pro\AccountController#postProfile |
| PUT|PATCH | account/profiel | App\Http\Controllers\Shop\AccountController#postProfile |
| GET|HEAD | account/profiel | App\Http\Controllers\Pro\AccountController#getProfile |
| GET|HEAD | account/winkel | App\Http\Controllers\Pro\AccountController#getShop |
| POST|DELETE | account/winkel | App\Http\Controllers\Pro\AccountController#postShop |
| GET|HEAD | api/user | Closure |
| GET|HEAD | cms | App\Http\Controllers\Admin\CmsController#index |
| GET|HEAD | cms/adviezen | App\Http\Controllers\Admin\AdviceController#index |
| POST | cms/adviezen | App\Http\Controllers\Admin\AdviceController#store |
| GET|HEAD | cms/adviezen/create | App\Http\Controllers\Admin\AdviceController#create |
| PUT|PATCH | cms/adviezen/{adviezen} | App\Http\Controllers\Admin\AdviceController#update |
| DELETE | cms/adviezen/{adviezen} | App\Http\Controllers\Admin\AdviceController#destroy |
| GET|HEAD | cms/adviezen/{adviezen} | App\Http\Controllers\Admin\AdviceController#show |
| GET|HEAD | cms/adviezen/{adviezen}/edit | App\Http\Controllers\Admin\AdviceController#edit |
| GET|HEAD | cms/coaches | App\Http\Controllers\Admin\ProController#index |
| POST | cms/coaches | App\Http\Controllers\Admin\ProController#store |
| GET|HEAD | cms/coaches/create | App\Http\Controllers\Admin\ProController#create |
| GET|HEAD | cms/coaches/{coach} | App\Http\Controllers\Admin\ProController#show |
| DELETE | cms/coaches/{coach} | App\Http\Controllers\Admin\ProController#destroy |
| PUT|PATCH | cms/coaches/{coach} | App\Http\Controllers\Admin\ProController#update |
| GET|HEAD | cms/coaches/{coach}/edit | App\Http\Controllers\Admin\ProController#edit |
| PUT|PATCH | cms/instellingen | App\Http\Controllers\Admin\CmsController#updateSetting |
| GET|HEAD | cms/instellingen | App\Http\Controllers\Admin\CmsController#getSetting |
| GET|HEAD | cms/notificaties | App\Http\Controllers\Admin\NotificationController#index |
| POST | cms/notificaties | App\Http\Controllers\Admin\NotificationController#store |
| GET|HEAD | cms/notificaties/create | App\Http\Controllers\Admin\NotificationController#create |
| GET|HEAD | cms/notificaties/{notificaty} | App\Http\Controllers\Admin\NotificationController#show |
| PUT|PATCH | cms/notificaties/{notificaty} | App\Http\Controllers\Admin\NotificationController#update |
| DELETE | cms/notificaties/{notificaty} | App\Http\Controllers\Admin\NotificationController#destroy |
| GET|HEAD | cms/notificaties/{notificaty}/edit | App\Http\Controllers\Admin\NotificationController#edit |
| POST | cms/winkels | App\Http\Controllers\Admin\ShopController#store |
| GET|HEAD | cms/winkels | App\Http\Controllers\Admin\ShopController#index |
| GET|HEAD | cms/winkels/create | App\Http\Controllers\Admin\ShopController#create |
| GET|HEAD | cms/winkels/{winkel} | App\Http\Controllers\Admin\ShopController#show |
| DELETE | cms/winkels/{winkel} | App\Http\Controllers\Admin\ShopController#destroy |
| PUT|PATCH | cms/winkels/{winkel} | App\Http\Controllers\Admin\ShopController#update |
| GET|HEAD | cms/winkels/{winkel}/edit | App\Http\Controllers\Admin\ShopController#edit |
| GET|HEAD | login | App\Http\Controllers\Auth\LoginController#showLoginForm |
| POST | login | App\Http\Controllers\Auth\LoginController#login |
| POST | logout | App\Http\Controllers\Auth\LoginController#logout |
| POST | password/confirm | App\Http\Controllers\Auth\ConfirmPasswordController#confirm |
| GET|HEAD | password/confirm | App\Http\Controllers\Auth\ConfirmPasswordController#showConfirmForm |
| POST | password/email | App\Http\Controllers\Auth\ForgotPasswordController#sendResetLinkEmail |
| GET|HEAD | password/reset | App\Http\Controllers\Auth\ForgotPasswordController#showLinkRequestForm |
| POST | password/reset | App\Http\Controllers\Auth\ResetPasswordController#reset |
| GET|HEAD | password/reset/{token} | App\Http\Controllers\Auth\ResetPasswordController#showResetForm |
| POST | register | App\Http\Controllers\Auth\RegisterController#register |
| GET|HEAD | register | App\Http\Controllers\Auth\RegisterController#showRegistrationForm |
+------------------+------------------------------------+------------------------------------------------------------------------+
It is not a syntax error, since my IDE does not give an error, so I am thinking it might be a logical one or something I am completely missing...
Any help would be much appreciated.
Kind regards,
Niels
Although the result was pretty embarrassing;
What I did was register multiple routes with the same URI and method. Although they had different namespaces and names, it conflicted.
Fixed by prefixing the URI in the 2 separate groups
Thanks to user lagbox for the answer.

Laravel middleware Auth

good Morning,
I separate my two guards in Laravel. I would like if someone registers via the Guard "club" he can only access the pages within the Route Group "club", otherwise 403 should come.
<?php
use Illuminate\Support\Facades\Route;
/*
|--------------------------------------------------------------------------
| Web Routes
|--------------------------------------------------------------------------
|
| Here is where you can register web routes for your application. These
| routes are loaded by the RouteServiceProvider within a group which
| contains the "web" middleware group. Now create something great!
|
*/
Route::get('/', 'TextController#GetStartseite');
Route::get('/info', function () {
return view('info');
});
Auth::routes();
Route::get('/home', 'TextController#GetWelcome')->name('home');
Route::get('/admin/bund', 'BundController#index')->middleware('auth');
Route::get('/meinProfil', 'UserProfilController#index')->middleware('auth');
Route::post('/meinProfil', 'UserProfilController#update')->middleware('auth');
Route::resource('/meineAusbildung', 'EducationController')->middleware('auth');
Route::POST('/meineAusbildung/delete', 'EducationController#destroy')->middleware('auth');
//Waffen
Route::resource('/meineWaffen', 'WeaponController')->middleware('auth');
Route::POST('/meineWaffen/show', 'WeaponController#show')->middleware('auth');
Route::POST('/meineWaffen/edit', 'WeaponController#update')->middleware('auth');
Route::POST('/meineWaffen/getTable', 'WeaponController#getTableWeapon')->middleware('auth');
Route::POST('/meineWaffen/getDisziTable', 'WeaponController#getDisziWaffe')->middleware('auth');
Route::POST('/meineWaffen/addDiszi', 'WeaponController#addDiziWaffe')->middleware('auth');
Route::POST('/meineWaffen/delDiszi', 'WeaponController#delDisziWaffe')->middleware('auth');
Route::POST('/meineWaffen/DisziDrop', 'WeaponController#getDisziDropDown')->middleware('auth');
Route::get('/meineVereine', 'VereinController#index')->middleware('auth');
//Route::post('/meineVereine/{VereinId}/attach' ,'VereinController#addVerein')->middleware('auth');
Route::post('/meineVereine' ,'VereinController#addVerein')->middleware('auth');
Route::post('/meineVereineDel' ,'VereinController#removeVerein')->middleware('auth');
Route::get('/Zeiterfassen', 'RecordShootingTimeController#index')->middleware('auth');
Route::POST('/Zeiterfassen/waffenDiszi', 'RecordShootingTimeController#getDisziWaffenDropDown')->middleware('auth');
Route::POST('/Zeiterfassen/store', 'RecordShootingTimeController#store')->middleware('auth');
Route::POST('/Zeiterfassen/openEntrys', 'RecordShootingTimeController#getopenEntrys')->middleware('auth');
Route::POST('/Zeiterfassen/show', 'RecordShootingTimeController#show')->middleware('auth');
Route::POST('/Zeiterfassen/update', 'RecordShootingTimeController#update')->middleware('auth');
Route::POST('/Zeiterfassen/delete', 'RecordShootingTimeController#destroy')->middleware('auth');
Route::get('/meinSchiessbuch', 'ShootingbookController#index')->middleware('auth');
Route::POST('/meinSchiessbuch/getTable', 'ShootingbookController#getShootingbook')->middleware('auth');
Route::POST('/meinSchiessbuch/freigabe', 'ShootingbookController#clubfreigabe')->middleware('auth');
Route::POST('/meinSchiessbuch/update', 'ShootingbookController#store')->middleware('auth');
//Vereine
Route::get('verein/', 'TextController#GetClubStartseite')->name('verein/');
Route::group(['namespace' => 'Club'] , function(){
/****Club Login Route*****/
Route::get('verein/login', 'Auth\LoginController#ClubshowLoginForm')->name('club.login');
Route::post('verein/login', 'Auth\LoginController#Clublogin');
Route::post('verein/logout', 'Auth\LoginController#Clublogout')->name('club.logout');
Route::get('verein/register', 'Auth\RegisterController#ClubshowRegistrationForm')->name('club.register');
Route::post('verein/register', 'Auth\RegisterController#register')->name('club.register');
});
Route::group(['middleware' => ['auth', 'club']], function() {
Route::get('verein/home', 'TextController#GetClubWelcome');
Route::get('/verein/unsereStaende', 'ShootingrangeController#index');
Route::POST('/verein/unsereStaende', 'ShootingrangeController#create');
Route::POST('/verein/unsereStaende/delete', 'ShootingrangeController#destroy');
Route::get('/verein/Schiessbuch', 'ShootingbookController#Clubindex');
Route::POST('/verein/Schiessbuch/getTable', 'ShootingbookController#getClubShootingbook');
Route::get('/verein/Genehmigung', 'ShootingbookController#ClubGenehmigung');
Route::POST('/verein/Genehmigung/getTable', 'ShootingbookController#getClubSBzurFreigabe');
Route::POST('/verein/Genehmigung/bestaetigung', 'ShootingbookController#clubbestaetigung');
Route::get('/verein/Profil', 'ClubProfilController#index');
Route::post('/verein/Profil', 'ClubProfilController#update');
Route::Get('/verein/Verband', 'VerbandController#index');
Route::Post('/verein/Verband', 'VerbandController#store');
Route::Post('/verein/Verband/delete', 'VerbandController#destroy');
Route::Get('/verein/Mitglieder', 'ClubController#index');
Route::POST('/verein/Mitglieder', 'ClubController#update');
});
// Route::get('verein/home', 'TextController#GetClubWelcome')->name('verein/home')->middleware('auth:club');
//
//
// Route::get('/verein/unsereStaende', 'ShootingrangeController#index')->middleware('auth:club');
// Route::POST('/verein/unsereStaende', 'ShootingrangeController#create')->middleware('auth:club');
// Route::POST('/verein/unsereStaende/delete', 'ShootingrangeController#destroy')->middleware('auth:club');
//
// Route::get('/verein/Schiessbuch', 'ShootingbookController#Clubindex')->middleware('auth:club');
// Route::POST('/verein/Schiessbuch/getTable', 'ShootingbookController#getClubShootingbook')->middleware('auth:club');
// Route::get('/verein/Genehmigung', 'ShootingbookController#ClubGenehmigung')->middleware('auth:club');
// Route::POST('/verein/Genehmigung/getTable', 'ShootingbookController#getClubSBzurFreigabe')->middleware('auth:club');
// Route::POST('/verein/Genehmigung/bestaetigung', 'ShootingbookController#clubbestaetigung')->middleware('auth:club');
//
// Route::get('/verein/Profil', 'ClubProfilController#index')->middleware('auth:club');
// Route::post('/verein/Profil', 'ClubProfilController#update')->middleware('auth:club');
//
// Route::Get('/verein/Verband', 'VerbandController#index')->middleware('auth:club');
// Route::Post('/verein/Verband', 'VerbandController#store')->middleware('auth:club');
// Route::Post('/verein/Verband/delete', 'VerbandController#destroy')->middleware('auth:club');
//
// Route::Get('/verein/Mitglieder', 'ClubController#index')->middleware('auth:club');
// Route::POST('/verein/Mitglieder', 'ClubController#update')->middleware('auth:club');
I have addes a Middleware "ClubMiddleware" an registered it to Kernel.php routeMiddleware Methode
<?php
namespace App\Http\Middleware;
use App\Club;
use App\User;
use Closure;
use Illuminate\Contracts\Auth\Guard;
class ClubMiddelware
{
/**
* The Guard implementation.
*
* #var Guard
*/
protected $auth;
/**
* Create a new filter instance.
*
* #param Guard $auth
* #return void
*/
public function __construct(Guard $auth)
{
$this->auth = $auth;
}
/**
* Handle an incoming request.
*
* #param \Illuminate\Http\Request $request
* #param \Closure $next
* #return mixed
*/
public function handle($request, Closure $next)
{
if ($this->auth->getUser()->type !== "club") {
abort(403, 'Zugriff nicht erlaubt');
}
return $next($request);
}
}
php artisan route:list
+--------+-----------+----------------------------------------+-------------------------+----------------------------------------------------------------------------+----------------------+
| Domain | Method | URI | Name | Action | Middleware |
+--------+-----------+----------------------------------------+-------------------------+----------------------------------------------------------------------------+----------------------+
| | GET|HEAD | / | | App\Http\Controllers\TextController#GetStartseite | web |
| | GET|HEAD | Zeiterfassen | | App\Http\Controllers\RecordShootingTimeController#index | web,auth |
| | POST | Zeiterfassen/delete | | App\Http\Controllers\RecordShootingTimeController#destroy | web,auth |
| | POST | Zeiterfassen/openEntrys | | App\Http\Controllers\RecordShootingTimeController#getopenEntrys | web,auth |
| | POST | Zeiterfassen/show | | App\Http\Controllers\RecordShootingTimeController#show | web,auth |
| | POST | Zeiterfassen/store | | App\Http\Controllers\RecordShootingTimeController#store | web,auth |
| | POST | Zeiterfassen/update | | App\Http\Controllers\RecordShootingTimeController#update | web,auth |
| | POST | Zeiterfassen/waffenDiszi | | App\Http\Controllers\RecordShootingTimeController#getDisziWaffenDropDown | web,auth |
| | GET|HEAD | admin/bund | | App\Http\Controllers\BundController#index | web,auth |
| | GET|HEAD | api/api/v1/bund | api.bund.getBundTable | App\Http\Controllers\BundController#getBundTable | api |
| | GET|HEAD | api/api/v1/getEduTable | api.Edu.getEduTable | App\Http\Controllers\EducationController#getEduTable | api |
| | GET|HEAD | api/api/v1/getmeinSchiessbuch | api.SB.getSBTable | App\Http\Controllers\ShootingbookController#getShootingbook | api |
| | GET|HEAD | api/user | | Closure | api,auth:api |
| | GET|HEAD | home | home | App\Http\Controllers\TextController#GetWelcome | web |
| | GET|HEAD | info | | Closure | web |
| | POST | login | | App\Http\Controllers\Auth\LoginController#login | web,guest,guest:club |
| | GET|HEAD | login | login | App\Http\Controllers\Auth\LoginController#showLoginForm | web,guest,guest:club |
| | POST | logout | logout | App\Http\Controllers\Auth\LoginController#logout | web |
| | GET|HEAD | meinProfil | | App\Http\Controllers\UserProfilController#index | web,auth |
| | POST | meinProfil | | App\Http\Controllers\UserProfilController#update | web,auth |
| | GET|HEAD | meinSchiessbuch | | App\Http\Controllers\ShootingbookController#index | web,auth |
| | POST | meinSchiessbuch/freigabe | | App\Http\Controllers\ShootingbookController#clubfreigabe | web,auth |
| | POST | meinSchiessbuch/getTable | | App\Http\Controllers\ShootingbookController#getShootingbook | web,auth |
| | POST | meinSchiessbuch/update | | App\Http\Controllers\ShootingbookController#store | web,auth |
| | GET|HEAD | meineAusbildung | meineAusbildung.index | App\Http\Controllers\EducationController#index | web,auth |
| | POST | meineAusbildung | meineAusbildung.store | App\Http\Controllers\EducationController#store | web,auth |
| | GET|HEAD | meineAusbildung/create | meineAusbildung.create | App\Http\Controllers\EducationController#create | web,auth |
| | POST | meineAusbildung/delete | | App\Http\Controllers\EducationController#destroy | web,auth |
| | GET|HEAD | meineAusbildung/{meineAusbildung} | meineAusbildung.show | App\Http\Controllers\EducationController#show | web,auth |
| | DELETE | meineAusbildung/{meineAusbildung} | meineAusbildung.destroy | App\Http\Controllers\EducationController#destroy | web,auth |
| | PUT|PATCH | meineAusbildung/{meineAusbildung} | meineAusbildung.update | App\Http\Controllers\EducationController#update | web,auth |
| | GET|HEAD | meineAusbildung/{meineAusbildung}/edit | meineAusbildung.edit | App\Http\Controllers\EducationController#edit | web,auth |
| | GET|HEAD | meineVereine | | App\Http\Controllers\VereinController#index | web,auth |
| | POST | meineVereine | | App\Http\Controllers\VereinController#addVerein | web,auth |
| | POST | meineVereineDel | | App\Http\Controllers\VereinController#removeVerein | web,auth |
| | POST | meineWaffen | meineWaffen.store | App\Http\Controllers\WeaponController#store | web,auth |
| | GET|HEAD | meineWaffen | meineWaffen.index | App\Http\Controllers\WeaponController#index | web,auth |
| | POST | meineWaffen/DisziDrop | | App\Http\Controllers\WeaponController#getDisziDropDown | web,auth |
| | POST | meineWaffen/addDiszi | | App\Http\Controllers\WeaponController#addDiziWaffe | web,auth |
| | GET|HEAD | meineWaffen/create | meineWaffen.create | App\Http\Controllers\WeaponController#create | web,auth |
| | POST | meineWaffen/delDiszi | | App\Http\Controllers\WeaponController#delDisziWaffe | web,auth |
| | POST | meineWaffen/edit | | App\Http\Controllers\WeaponController#update | web,auth |
| | POST | meineWaffen/getDisziTable | | App\Http\Controllers\WeaponController#getDisziWaffe | web,auth |
| | POST | meineWaffen/getTable | | App\Http\Controllers\WeaponController#getTableWeapon | web,auth |
| | POST | meineWaffen/show | | App\Http\Controllers\WeaponController#show | web,auth |
| | DELETE | meineWaffen/{meineWaffen} | meineWaffen.destroy | App\Http\Controllers\WeaponController#destroy | web,auth |
| | PUT|PATCH | meineWaffen/{meineWaffen} | meineWaffen.update | App\Http\Controllers\WeaponController#update | web,auth |
| | GET|HEAD | meineWaffen/{meineWaffen} | meineWaffen.show | App\Http\Controllers\WeaponController#show | web,auth |
| | GET|HEAD | meineWaffen/{meineWaffen}/edit | meineWaffen.edit | App\Http\Controllers\WeaponController#edit | web,auth |
| | POST | password/confirm | | App\Http\Controllers\Auth\ConfirmPasswordController#confirm | web,auth |
| | GET|HEAD | password/confirm | password.confirm | App\Http\Controllers\Auth\ConfirmPasswordController#showConfirmForm | web,auth |
| | POST | password/email | password.email | App\Http\Controllers\Auth\ForgotPasswordController#sendResetLinkEmail | web |
| | POST | password/reset | password.update | App\Http\Controllers\Auth\ResetPasswordController#reset | web |
| | GET|HEAD | password/reset | password.request | App\Http\Controllers\Auth\ForgotPasswordController#showLinkRequestForm | web |
| | GET|HEAD | password/reset/{token} | password.reset | App\Http\Controllers\Auth\ResetPasswordController#showResetForm | web |
| | POST | register | | App\Http\Controllers\Auth\RegisterController#register | web,guest |
| | GET|HEAD | register | register | App\Http\Controllers\Auth\RegisterController#showRegistrationForm | web,guest |
| | GET|HEAD | verein | verein/ | App\Http\Controllers\TextController#GetClubStartseite | web |
| | GET|HEAD | verein/Genehmigung | | App\Http\Controllers\ShootingbookController#ClubGenehmigung | web,auth,club |
| | POST | verein/Genehmigung/bestaetigung | | App\Http\Controllers\ShootingbookController#clubbestaetigung | web,auth,club |
| | POST | verein/Genehmigung/getTable | | App\Http\Controllers\ShootingbookController#getClubSBzurFreigabe | web,auth,club |
| | GET|HEAD | verein/Mitglieder | | App\Http\Controllers\ClubController#index | web,auth,club |
| | POST | verein/Mitglieder | | App\Http\Controllers\ClubController#update | web,auth,club |
| | POST | verein/Profil | | App\Http\Controllers\ClubProfilController#update | web,auth,club |
| | GET|HEAD | verein/Profil | | App\Http\Controllers\ClubProfilController#index | web,auth,club |
| | GET|HEAD | verein/Schiessbuch | | App\Http\Controllers\ShootingbookController#Clubindex | web,auth,club |
| | POST | verein/Schiessbuch/getTable | | App\Http\Controllers\ShootingbookController#getClubShootingbook | web,auth,club |
| | GET|HEAD | verein/Verband | | App\Http\Controllers\VerbandController#index | web,auth,club |
| | POST | verein/Verband | | App\Http\Controllers\VerbandController#store | web,auth,club |
| | POST | verein/Verband/delete | | App\Http\Controllers\VerbandController#destroy | web,auth,club |
| | GET|HEAD | verein/home | | App\Http\Controllers\TextController#GetClubWelcome | web,auth,club |
| | POST | verein/login | | App\Http\Controllers\Club\Auth\LoginController#Clublogin | web,guest:club,guest |
| | GET|HEAD | verein/login | club.login | App\Http\Controllers\Club\Auth\LoginController#ClubshowLoginForm | web,guest:club,guest |
| | POST | verein/logout | club.logout | App\Http\Controllers\Club\Auth\LoginController#Clublogout | web,guest:club,guest |
| | POST | verein/register | club.register | App\Http\Controllers\Club\Auth\RegisterController#register | web,guest:club |
| | GET|HEAD | verein/register | club.register | App\Http\Controllers\Club\Auth\RegisterController#ClubshowRegistrationForm | web,guest:club |
| | GET|HEAD | verein/unsereStaende | | App\Http\Controllers\ShootingrangeController#index | web,auth,club |
| | POST | verein/unsereStaende | | App\Http\Controllers\ShootingrangeController#create | web,auth,club |
| | POST | verein/unsereStaende/delete | | App\Http\Controllers\ShootingrangeController#destroy | web,auth,club |
+--------+-----------+----------------------------------------+-------------------------+----------------------------------------------------------------------------+----------------------+
My Browser show the errors Message ERR_TOO_MANY_REDIRECTS
I don't really understand the concept yet. What am I doing wrong?
Thank you
Matthias
EDIT: I have Post the complete web.php

Laravel API only works on a specific route, others throw a 404 error

Update:
running php artisan route:clear fixes the issue, but only partly.
After I run the command and successfully consume the API, the route I call disappears from the route list cache again, and it forces me to run the command again. I have no idea why this is happening.
I'm trying to consume a Laravel API I set up but I can only consume one of the three routes available for some reason, the other two drop a 404.
Route::post('/login', 'API\UserController#login'); //this works
Route::group(['middleware' => ['auth:api']], function () {
Route::post('/roles/all', 'API\RoleController#getAll'); //this doesn't work - error 404
Route::post('/permissions/all', 'API\PermissionController#getAll'); //this doesn't work - error 404
});
The routes point to the correct place, the functions exist, and the call I'm making through Postman has the correct parameters (url example: 'http://localhost:8000/api/roles/all', GET call, auth token in Authorization field).
It also doesn't matter if I put the routes inside or outside the middleware (in case it had something to do with the oauth2 token or the middleware itself having issues).
Here's an example of one of the functions I'm trying to call:
public function getAll()
{
$role = Role::all();
return response()->json(['role' => $role], 200);
}
Edit: here's the output of php artisan route:list
+--------+----------+----------------------------------------------------------+-----------------------------------+---------------------------------------------------------------------------+------------+
| Domain | Method | URI | Name | Action
| Middleware |
+--------+----------+----------------------------------------------------------+-----------------------------------+---------------------------------------------------------------------------+------------+
| | POST | api/login | | App\Http\Controllers\API\UserController#login
| api |
| | GET|HEAD | oauth/authorize | passport.authorizations.authorize | Laravel\Passport\Http\Controllers\AuthorizationController#authorize | web,auth |
| | DELETE | oauth/authorize | passport.authorizations.deny | Laravel\Passport\Http\Controllers\DenyAuthorizationController#deny | web,auth |
| | POST | oauth/authorize | passport.authorizations.approve | Laravel\Passport\Http\Controllers\ApproveAuthorizationController#approve | web,auth |
| | POST | oauth/clients | passport.clients.store | Laravel\Passport\Http\Controllers\ClientController#store | web,auth |
| | GET|HEAD | oauth/clients | passport.clients.index | Laravel\Passport\Http\Controllers\ClientController#forUser | web,auth |
| | PUT | oauth/clients/{client_id} | passport.clients.update | Laravel\Passport\Http\Controllers\ClientController#update | web,auth |
| | DELETE | oauth/clients/{client_id} | passport.clients.destroy | Laravel\Passport\Http\Controllers\ClientController#destroy | web,auth |
| | POST | oauth/personal-access-tokens | passport.personal.tokens.store | Laravel\Passport\Http\Controllers\PersonalAccessTokenController#store | web,auth |
| | GET|HEAD | oauth/personal-access-tokens | passport.personal.tokens.index | Laravel\Passport\Http\Controllers\PersonalAccessTokenController#forUser | web,auth |
| | DELETE | oauth/personal-access-tokens/{token_id} | passport.personal.tokens.destroy | Laravel\Passport\Http\Controllers\PersonalAccessTokenController#destroy | web,auth |
| | GET|HEAD | oauth/scopes | passport.scopes.index | Laravel\Passport\Http\Controllers\ScopeController#all | web,auth |
| | POST | oauth/token | passport.token | Laravel\Passport\Http\Controllers\AccessTokenController#issueToken | throttle |
| | POST | oauth/token/refresh | passport.token.refresh | Laravel\Passport\Http\Controllers\TransientTokenController#refresh | web,auth |
| | GET|HEAD | oauth/tokens | passport.tokens.index | Laravel\Passport\Http\Controllers\AuthorizedAccessTokenController#forUser | web,auth |
| | DELETE | oauth/tokens/{token_id} | passport.tokens.destroy | Laravel\Passport\Http\Controllers\AuthorizedAccessTokenController#destroy | web,auth |
| | POST | telescope/telescope-api/cache | | Laravel\Telescope\Http\Controllers\CacheController#index | telescope |
| | GET|HEAD | telescope/telescope-api/cache/{telescopeEntryId} | | Laravel\Telescope\Http\Controllers\CacheController#show | telescope |
| | POST | telescope/telescope-api/commands | | Laravel\Telescope\Http\Controllers\CommandsController#index | telescope |
| | GET|HEAD | telescope/telescope-api/commands/{telescopeEntryId} | | Laravel\Telescope\Http\Controllers\CommandsController#show | telescope |
| | POST | telescope/telescope-api/dumps | | Laravel\Telescope\Http\Controllers\DumpController#index | telescope |
| | POST | telescope/telescope-api/events | | Laravel\Telescope\Http\Controllers\EventsController#index | telescope |
| | GET|HEAD | telescope/telescope-api/events/{telescopeEntryId} | | Laravel\Telescope\Http\Controllers\EventsController#show | telescope |
| | POST | telescope/telescope-api/exceptions | | Laravel\Telescope\Http\Controllers\ExceptionController#index | telescope |
| | PUT | telescope/telescope-api/exceptions/{telescopeEntryId} | | Laravel\Telescope\Http\Controllers\ExceptionController#update | telescope |
| | GET|HEAD | telescope/telescope-api/exceptions/{telescopeEntryId} | | Laravel\Telescope\Http\Controllers\ExceptionController#show | telescope |
| | POST | telescope/telescope-api/gates | | Laravel\Telescope\Http\Controllers\GatesController#index | telescope |
| | GET|HEAD | telescope/telescope-api/gates/{telescopeEntryId} | | Laravel\Telescope\Http\Controllers\GatesController#show | telescope |
| | POST | telescope/telescope-api/jobs | | Laravel\Telescope\Http\Controllers\QueueController#index | telescope |
| | GET|HEAD | telescope/telescope-api/jobs/{telescopeEntryId} | | Laravel\Telescope\Http\Controllers\QueueController#show | telescope |
| | POST | telescope/telescope-api/logs | | Laravel\Telescope\Http\Controllers\LogController#index | telescope |
| | GET|HEAD | telescope/telescope-api/logs/{telescopeEntryId} | | Laravel\Telescope\Http\Controllers\LogController#show | telescope |
| | POST | telescope/telescope-api/mail | | Laravel\Telescope\Http\Controllers\MailController#index | telescope |
| | GET|HEAD | telescope/telescope-api/mail/{telescopeEntryId} | | Laravel\Telescope\Http\Controllers\MailController#show | telescope |
| | GET|HEAD | telescope/telescope-api/mail/{telescopeEntryId}/download | | Laravel\Telescope\Http\Controllers\MailEmlController#show | telescope |
| | GET|HEAD | telescope/telescope-api/mail/{telescopeEntryId}/preview | | Laravel\Telescope\Http\Controllers\MailHtmlController#show | telescope |
| | POST | telescope/telescope-api/models | | Laravel\Telescope\Http\Controllers\ModelsController#index | telescope |
| | GET|HEAD | telescope/telescope-api/models/{telescopeEntryId} | | Laravel\Telescope\Http\Controllers\ModelsController#show | telescope |
| | POST | telescope/telescope-api/monitored-tags | | Laravel\Telescope\Http\Controllers\MonitoredTagController#store | telescope |
| | GET|HEAD | telescope/telescope-api/monitored-tags | | Laravel\Telescope\Http\Controllers\MonitoredTagController#index | telescope |
| | POST | telescope/telescope-api/monitored-tags/delete | | Laravel\Telescope\Http\Controllers\MonitoredTagController#destroy | telescope |
| | POST | telescope/telescope-api/notifications | | Laravel\Telescope\Http\Controllers\NotificationsController#index | telescope |
| | GET|HEAD | telescope/telescope-api/notifications/{telescopeEntryId} | | Laravel\Telescope\Http\Controllers\NotificationsController#show | telescope |
| | POST | telescope/telescope-api/queries | | Laravel\Telescope\Http\Controllers\QueriesController#index | telescope |
| | GET|HEAD | telescope/telescope-api/queries/{telescopeEntryId} | | Laravel\Telescope\Http\Controllers\QueriesController#show | telescope |
| | POST | telescope/telescope-api/redis | | Laravel\Telescope\Http\Controllers\RedisController#index | telescope |
| | GET|HEAD | telescope/telescope-api/redis/{telescopeEntryId} | | Laravel\Telescope\Http\Controllers\RedisController#show | telescope |
| | POST | telescope/telescope-api/requests | | Laravel\Telescope\Http\Controllers\RequestsController#index | telescope |
| | GET|HEAD | telescope/telescope-api/requests/{telescopeEntryId} | | Laravel\Telescope\Http\Controllers\RequestsController#show | telescope |
| | POST | telescope/telescope-api/schedule | | Laravel\Telescope\Http\Controllers\ScheduleController#index | telescope |
| | GET|HEAD | telescope/telescope-api/schedule/{telescopeEntryId} | | Laravel\Telescope\Http\Controllers\ScheduleController#show | telescope |
| | POST | telescope/telescope-api/toggle-recording | | Laravel\Telescope\Http\Controllers\RecordingController#toggle | telescope |
| | POST | telescope/telescope-api/views | | Laravel\Telescope\Http\Controllers\ViewsController#index | telescope |
| | GET|HEAD | telescope/telescope-api/views/{telescopeEntryId} | | Laravel\Telescope\Http\Controllers\ViewsController#show | telescope |
| | GET|HEAD | telescope/{view?} | telescope | Laravel\Telescope\Http\Controllers\HomeController#index | telescope |
+--------+----------+----------------------------------------------------------+-----------------------------------+---------------------------------------------------------------------------+------------+
The new routes are missing probably because Laravel is serving the cached routes. One quick way to verify this is to run php artisan route:list.
If the routes are not there, that confirms the theory. The solution is to run php artisan route:clear which tells laravel to clear the route cache, so routes can be fetched freshly from the route files.
After doing that, run php artisan route:list again. The missing routes should show up now and be accessible.

Is it possible to change/modify predefined route in Laravel Passport?

you know, Laravel Passport have predefined routes as folllow:
php artisan route:list
+--------+----------+-----------------------------------------+------+---------------------------------------------+--------------+
| Domain | Method | URI | Name | Action | Middleware |
+--------+----------+-----------------------------------------+------+---------------------------------------------+--------------+
| | GET|HEAD | / | | Closure | web |
| | POST | oauth/authorize | | ...\ApproveAuthorizationController#approve | web,auth |
| | GET|HEAD | oauth/authorize | | ...\AuthorizationController#authorize | web,auth |
| | DELETE | oauth/authorize | | ...\DenyAuthorizationController#deny | web,auth |
| | GET|HEAD | oauth/clients | | ...\ClientController#forUser | web,auth |
| | POST | oauth/clients | | ...\ClientController#store | web,auth |
| | PUT | oauth/clients/{client_id} | | ...\ClientController#update | web,auth |
| | DELETE | oauth/clients/{client_id} | | ...\ClientController#destroy | web,auth |
| | GET|HEAD | oauth/personal-access-tokens | | ...\PersonalAccessTokenController#forUser | web,auth |
| | POST | oauth/personal-access-tokens | | ...\PersonalAccessTokenController#store | web,auth |
| | DELETE | oauth/personal-access-tokens/{token_id} | | ...\PersonalAccessTokenController#destroy | web,auth |
| | GET|HEAD | oauth/scopes | | ...\ScopeController#all | web,auth |
| | POST | oauth/token | | ...\AccessTokenController#issueToken | throttle |
| | POST | oauth/token/refresh | | ...\TransientTokenController#refresh | web,auth |
| | GET|HEAD | oauth/tokens | | ...\AuthorizedAccessTokenController#forUser | web,auth |
| | DELETE | oauth/tokens/{token_id} | | ...\AuthorizedAccessTokenController#destroy | web,auth |
+--------+----------+-----------------------------------------+------+---------------------------------------------+--------------+
Is it possible to modify that route?
e.g. oauth/authorize become api/v1/oauth/authorize
if yes, how?
I've been searching for answer quite sometime...
Yes, it is. You can declare your own routes in Passport::routes() method.
Include this inside the boot() method of your app/Providers/AuthServiceProvider file.
app/Providers/AuthServiceProvider.php
public function boot()
{
Passport::routes(null, ['prefix' => 'api/v1/oauth']);
}
It seems like the routes method has been removed (Passport 11.x).
In order to do this now, you would need to publish the Passport configuration file and set the path attribute to the desired value: api/v1/oauth.
php artisan vendor:publish --tag=passport-config
// config/passport.php
<?php
return [
...
'path' => 'api/v1/oauth',
];
I haven't been able to find this information in the documentation. I figured this out by looking at the source code. Here's the link for further reference.

Resources