From 837c91019f045d26954a79499b680cd080932c8f Mon Sep 17 00:00:00 2001 From: Tim Stollberg Date: Sat, 18 Jul 2026 15:42:33 +0700 Subject: [PATCH] fix(auth): stop redirecting unauthenticated requests to nonexistent login route No named 'login' route exists anywhere in this app (it's a pure API backend for the Nuxt SPA). Authenticate::redirectTo() called route('login') for any request without an explicit Accept: application/json header, throwing RouteNotFoundException and surfacing as a 500 instead of the expected 401. Co-Authored-By: Claude Sonnet 5 --- backend/app/Http/Middleware/Authenticate.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/backend/app/Http/Middleware/Authenticate.php b/backend/app/Http/Middleware/Authenticate.php index d4ef644..99d626d 100644 --- a/backend/app/Http/Middleware/Authenticate.php +++ b/backend/app/Http/Middleware/Authenticate.php @@ -12,6 +12,6 @@ class Authenticate extends Middleware */ protected function redirectTo(Request $request): ?string { - return $request->expectsJson() ? null : route('login'); + return null; } }