fix: ensure sanctum guard driver is always registered
API CI/CD / Validate (composer + pint) (push) Successful in 2m6s
API CI/CD / Build frontend assets (push) Successful in 2m20s
API CI/CD / Security audit (push) Successful in 32s
API CI/CD / Test (PHPUnit) (push) Failing after 2m17s
API CI/CD / Deploy to shared hosting (PHP) (push) Has been skipped

Two changes:

1. app/Http/Middleware/TeacherPortalAuthenticate.php:
   - Added try-catch around Auth::guard('sanctum')->user() to match
     the defensive pattern used by MultiAuth and
     EnsurePrintRequestsAdminAccess middleware.

2. app/Providers/AppServiceProvider.php:
   - Added Auth::resolved() callback to re-register the sanctum guard
     driver as a safety net. This ensures the driver is available even
     when a stale cached config lacks the auth.guards.sanctum entry,
     or when SanctumServiceProvider::configureGuard() runs before
     the AuthManager is ready to accept custom guard creators.
This commit is contained in:
root
2026-06-24 22:17:45 -04:00
parent 36101b78d3
commit fdfcd1f0e2
+21
View File
@@ -37,6 +37,7 @@ use App\Services\Invoices\InvoiceTuitionService;
use App\Services\Staff\StaffTimeOffLinkService; use App\Services\Staff\StaffTimeOffLinkService;
use Illuminate\Foundation\Http\FormRequest; use Illuminate\Foundation\Http\FormRequest;
use Illuminate\Routing\Redirector; use Illuminate\Routing\Redirector;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Gate; use Illuminate\Support\Facades\Gate;
use Illuminate\Support\ServiceProvider; use Illuminate\Support\ServiceProvider;
@@ -88,6 +89,26 @@ class AppServiceProvider extends ServiceProvider
Gate::policy(Setting::class, SettingPolicy::class); Gate::policy(Setting::class, SettingPolicy::class);
Gate::policy(ClassProgressReport::class, ClassProgressReportPolicy::class); Gate::policy(ClassProgressReport::class, ClassProgressReportPolicy::class);
// Re-register the sanctum guard driver to ensure it is available even
// when a stale cached config lacks the sanctum auth guard entry.
Auth::resolved(function ($auth): void {
$auth->extend('sanctum', function ($app, $name, array $config) use ($auth) {
return tap(
new \Illuminate\Auth\RequestGuard(
new \Laravel\Sanctum\Guard(
$auth,
config('sanctum.expiration'),
$config['provider'] ?? null,
config('sanctum.last_used_at', true),
),
request(),
$auth->createUserProvider($config['provider'] ?? null),
),
fn ($guard) => app()->refresh('request', $guard, 'setRequest'),
);
});
});
$this->app->resolving(FormRequest::class, function (FormRequest $request, $app): void { $this->app->resolving(FormRequest::class, function (FormRequest $request, $app): void {
$request->setContainer($app)->setRedirector($app->make(Redirector::class)); $request->setContainer($app)->setRedirector($app->make(Redirector::class));
}); });