[2.x] Environment APP_URL added into the default sanctum.stateful configuration #264
Conversation
|
This shouldn't be needed I believe. Why can't you just set |
|
You can just set When you forget to set the The change to phpunit config file was needed to provide a sample a sample env APP_URL configuration that could be loaded with the env() function to test if it appears in sanctum's |
Version 2.9.3 includes laravel/sanctum#264 which introduces a new null-passing error in the updated sanctum.stateful config value, which assumes the `APP_URL` env var is set. We only set url in config, so even though we have our own config/sanctum.php, the default file is included in CI because config can't be cached before composer install was run.
What?
Added the application's URL from
.env'sAPP_URLto the default value ofsanctum.statefulconfiguration.Why?
In my experience (teaching new Laravel developers) not having the application's URL among default stateful domains leads to a lot of headache when deploying to a production environment. The URL changes from e.g.
localhost:3000towww.test.comand suddenly a new configuration value must be added into.envwhich was not needed until now.While everyone expects they should change the
APP_URLwhen moving to a new environment, few also remember to addSANCTUM_STATEFUL_DOMAINSThis is also hard to notice because the application works, only the requests which should be authenticated are not.
How?
Added the host part of the
APP_URLenvironment value to/config/sanctum.phpTesting
I needed to modify the
phpunit.xml.distfile to provide a sample envAPP_URLconfiguration that could be loaded with theenv()function.Tests test the presence of the host of
env('APP_URL')inconfig('sanctum.stateful') and that a request coming from the environmentAPP_URLconfiguration passes theLaravel\Sanctum\Http\Middleware\EnsureFrontendRequestsAreStateful::fromFrontend()check.Duplicite PR?
This may seem like a duplicite of #243 but does the same thing with much simpler code and the test suite passes.