*/ protected $dontFlash = [ 'current_password', 'password', 'password_confirmation', ]; /** * Register the exception handling callbacks for the application. */ public function register(): void { $this->reportable(function (Throwable $e) { // }); } /** * This app is a pure JSON API (SPA frontend, no server-rendered login route), * so unauthenticated requests always get a 401 JSON response instead of * Laravel's default redirect-to-login fallback. */ protected function unauthenticated($request, AuthenticationException $exception): JsonResponse { return response()->json(['message' => $exception->getMessage()], 401); } }