I have created a REST API with LARAVEL SANCTUM. I have tested api on postman and it works as expected but when mobile developer uses it on ionic app, it returns for login "TOKEN MISMATCH".

Here is my API route

Route::post('/register', [ApiController::class, 'register']);
Route::post('/login', [ApiController::class, 'login']);

Here is the ApiController for login

public function login(Request $request){
    $fields = $request->validate([
        'email' => 'required|string|email|max:255',
        'password' => 'required|string|min:8'            
    ]);

    //validate login parameters
    //check email
    $user = User::where('email', $fields['email'])->first();

    //check password
    if(!$user || !Hash::check($fields['password'], $user->password)){
        return response([
            'message' => 'Invalid Credentials'
        ], 401);
    }

    $token = $user->createToken('myapptoken')->plainTextToken;
    //return $user->createToken($request->device_name)->plainTextToken;

    $response = [
        'user' => $user,
        'token' =>$token,
    ];

    return response($response, 201);
}

EndPoint: https://findajob.ng/api/login

Email:[email protected] Password: 12345678

CodePudding user response：

This might not be a problem from backend, but in other-hand, if everything work in postman, you might try to:

1. Change support_credentials in config\cors to true.
2. Add withCredential header to front-end.