Commit graph

2 commits

Author SHA1 Message Date
Tim Stollberg
abbd92ef85 fix(auth): return JSON 401 for unauthenticated requests unconditionally
The previous Authenticate::redirectTo() -> null fix was incomplete:
Laravel's default Handler::unauthenticated() still falls back to
route('login') via '$exception->redirectTo() ?? route('login')'
whenever the request isn't detected as expectsJson() (no Accept:
application/json or X-Requested-With header), which throws
RouteNotFoundException since this app has no named login route.

Override unauthenticated() directly so this pure-API backend always
returns a JSON 401, regardless of request headers.
2026-07-18 16:09:04 +07:00
Tim Stollberg
b948d51b59 feat(user): User model with role, UserPolicy, Filament admin resource 2026-06-23 17:10:28 +07:00