Https routes change to http after login - laravel

I'm using latest version of Laravel (5.3 at this time) and I have a simple app, nothing fancy, no JS framework.
I use Cloudflare (free) to have HTTPS.
I can access my app with https, but right after I login, I'm redirect to the non-https version.
Is there a way to tell Laravel to redirect to https, not http, after login?
Here is my LoginController setting for information.
protected $redirectTo = '/people';

I'd recommend you to make web server rewrite all HTTP requests to HTTPS. Here's an example of VH config for Apache:
<VirtualHost some.app:80>
ServerName some.app
Redirect permanent / https://some.app
</VirtualHost>
<VirtualHost some.app:443>
DocumentRoot "/home/project/public"
ServerName some.app
ServerAlias some.app
SSLEngine on
SSLCertificateFile conf/ssl.crt/server.crt
SSLCertificateKeyFile conf/ssl.key/server.key
<Directory "/home/project/public">
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
</VirtualHost>

Related

Laravel routes behind reverse proxy generating wrong url

Let me explain my situation. I have a server that host five sites in www/html folder using the Apache 2 server but all of them run on PHP 5.4. I was asked to upload a system on this server, but it uses PHP 7+. The system is dockerized, so it contains their own container running php 7. So, I was thinking in use a reverse proxy to redirect the requests to docker container. Ok, I managed to do it. My container is running and I can access the system in production. But the system is broken, the static files and the routes are not being well formed.
This image shows the error in console. I just hid the IPs.
https://i.stack.imgur.com/5dvVe.png
This my Apache configuration in sites-available folder. I just added the Location tag to redirect for my container.
<VirtualHost *:80>
ServerAdmin webmaster#localhost
DocumentRoot /var/www/html
LimitRequestLine 16382
LimitRequestFieldSize 16382
Timeout 12000
AddDefaultCharset ISO-8859-1
SetEnv no-gzip 1
<Directory /var/www/html>
Options -Indexes +FollowSymLinks +MultiViews
AllowOverride All
Require all granted
</Directory>
<Location "/educar">
ProxyPreserveHost On
ProxyPass "http://localhost:8001/educar"
ProxyPassReverse "http://localhost:8001/educar"
</Location>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
This is my first question here, so I just apologized for any mistake.

Not propperly routing in reversed proxy Laravel App

I have configurated an Apache Server which uses reverse proxy to show a web app developed in laravel and mounted in another apache web server. Let's say that the domain is myapp.app
Which works properly, but when I click to a subdomain, let's say myapp.app/register the browser returns myapp.appregister/.
At the moment I've configurated my webserver as it follows:
<IfModule mod_ssl.c>
<VirtualHost *:443>
SSLEngine On
ServerName myapp.app
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
<Location "/">
RequestHeader set X-Forwarded-Proto https
RequestHeader set X-Forwarded-Ssl on
RequestHeader set X-Url-Scheme https
</Location>
ProxyPreserveHost on
ProxyPass / http://172.31.0.234/
ProxyPassReverse / http://172.31.0.234/
Include /etc/letsencrypt/options-ssl-apache.conf
ServerAlias www.redes-erdica.tech
SSLCertificateFile /***.pem
SSLCertificateKeyFile /***.pem
</VirtualHost>
</IfModule>
<IfModule mod_ssl.c>
<VirtualHost *:80>
ServerName myapp.app
Redirect permanent / https://myapp.app/
</VirtualHost>
</IfModule>
And the config file for the inner apache server has no other configurations besides the location of the laravel Project. Some curious event that happens is that if I type manually myapp.app/register it sends me where it should be, so why the browser sends me in a wrong direct when I click in the register button?
In addition, the app in localserver works properly.
You need to modify the main configuration file located on the /etc/apache2 folder, you need to change the value of the section AllowOveride that points to the folder on which your aplication lives and change it like this:
<Directory [your_app_folder]
Options ...
AllowOverride All
Require ...
</Directory>

Laravel api on apache2 ubuntu server 404 not found

I have a locally created laravel RESTFUL API and I deployed it on my ec2 ubuntu server using git.
I've set it like my main website.. /var/www/api.myapp.com/public_html/myapp-be and for its config I have this /etc/apache2/sites-available/api.myapp.com.conf.
Almost all blogs and tutorials that I found about deploying laravel on apache2 ubuntu server were almost the same and I've followed them all. However, when I test my API on postman with https://api.myapp.com/api/somefunctionhere it says 404 not found, The requested URL was not found on this server. Apache/2.4.29 (Ubuntu) Server at api.myapp.com port 443.
But when I test my local api on postman, it works fine, thus, I confirm that nothing is wrong with my laravel.
My config looks like this
<VirtualHost *:80>
<Directory /var/www/api.myapp.com/public_html/myapp-be/public/>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
Require all granted
</Directory>
ServerAdmin developer#myapp.com
ServerName api.myapp.com
Redirect permanent / https://api.myapp.com/
ServerAlias api.myapp.com
DocumentRoot /var/www/api.myapp.com/public_html/myapp-be/public
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/error.log combined
RewriteEngine on
RewriteCond %{SERVER_NAME} =api.myapp.com [OR]
RewriteCond %{SERVER_NAME} =api.myapp.com
RewriteRule ^ https://${SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
<VirtualHost *:443>
<Directory /var/www/api.myapp.com/public_html/myapp-be/public/>
AllowOverride All
</Directory>
ServerName api.myapp.com
DocumentRoot /var/www/api.myapp.com/public_html/myapp-be/public
</VirtualHost>
Is there a spot that I missed here? Obviously I missed a spot but I've been looking for it for almost 3hours already and still wont work.
Any idea guys? Thanks!
UPDATE: I tried adding /public to the prefix and it worked, I don't even know why it worked - https://api.myapp.com/public/api/somefunctionhere

Laravel route getting ruined when trying to reach HTTP request

Currently I have successfully setup my Laravel Passport API
Using Laravel 5.8.
I have this httpd-vhosts.conf config for my api
PORT: 80
<VirtualHost *:80>
ServerName <sub-domain>.<domain>.com
ServerAlias <sub-domain>.<domain>.com
Redirect permanent / https://<sub-domain>.<domain>.com
</VirtualHost>
PORT: 443
<VirtualHost *:443>
DocumentRoot "/opt/lampp/htdocs/api_tk/public"
<Directory "/opt/lampp/htdocs/api_tk/public">
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
ServerName <sub-domain>.<domain>.com
ServerAlias <sub-domain>.<domain>.com
ErrorLog "logs/API-error_log"
CustomLog "logs/API-access_log" common
ProxyPreserveHost On
ProxyRequests Off
ProxyPassMatch /fingerprint http://localhost:5000
ProxyPassReverse /fingerprint http://localhost:5000
RequestHeader set X-Forwarded-Proto https
RequestHeader set X-FOrwarded-Port 443
SSLEngine on
SSLCertificateFile "/opt/lampp/htdocs/ssl_key/svs-file.crt"
SSLCertificateKeyFile "/opt/lampp/htdocs/ssl_key/private_new.key"
SSLCACertificateFile "/opt/lampp/htdocs/ssl_key/svs-bundle-file.crt"
</VirtualHost>
443 is working fine I can see my HTTPS SSL Lock sign on my browser
But
When I try to do HTTP request
Laravel API always getting ruined.
I have route like this
https://..com/api/login
and this is working fine
But when I tried to do HTTP request like this
http://<sub-domain>.<domain>.com/api/login
it always end up to
https://<sub-domain>.<domain>.comapi/login
Where the slash is missing. This is because of the redirect permanent on my PORT 80 config.
I have this route for my api. (api.php)
Route::middleware('auth:api')->get('/user', function (Request $request) {
return $request->user();
});
Route::post('/timekeeping','Auth\Api\AuthController#timekeeping');
Route::post('/login','Auth\Api\AuthController#login');
Route::middleware('auth:api')->group(function () {
Route::post('/timekeeping_app','Auth\Api\AuthController#timekeeping_app');
Route::post('/logout','Auth\Api\AuthController#logout');
Route::post('/register','Auth\Api\AuthController#register');
Route::post('/show_dtr_list','Auth\Api\AuthController#show_dtr_list');
Route::post('/update','Auth\Api\AuthController#update');
Route::post('/delete','Auth\Api\AuthController#delete');
Route::post('/search_user','Auth\Api\AuthController#search_user');
Route::get('/current_time','Auth\Api\AuthController#current_time');
});
How can I prevent this?
UPDATE
Tried to do edit my vhosts config like this
Redirect permanent "/" "https://<sub-domain>.<domain>.com/"
And
Redirect permanent / https://<sub-domain>.<domain>.com\/
But this gives me an output like this
try do add slash under your apache virtual host settings:
<VirtualHost *:80>
ServerName <sub-domain>.<domain>.com
ServerAlias <sub-domain>.<domain>.com
# fix below
Redirect permanent / https://<sub-domain>.<domain>.com/
</VirtualHost>

Ubuntu 14.04 Apache2 404 Page Not Found

I've setted up an Ubuntu 14.04 with php5, Apache2, mysql / mysql-php.
Now I am tring to visit mydomain.com/admin but its response the following error
The requested URL /admin was not found on this server.
Here is my mydomain.com.conf file
<VirtualHost *:80>
<Directory /var/www/mydomain>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
ServerName mydomain.com
ServerAlias www.mydomain.com
DocumentRoot /var/www/mydomain
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
mod_rewrite is already enabled
You can't access the domain because you haven't properly configured a live domain. Go to http://localhost:80/admin to access your information. I would try setting the server name equal to your public IP address and set the server alias equal to localhost. Then you'll be able to access the server from over the web by entering your public IP address into the URL of your HTTP client.

Resources