Login/Register
Laravel 7 with Laradock on production: email verification 403 invalid signature
Asked Answered
laravelnginx-locationlaradock
Z

2

1

There are many posts out there and StackOverflow answers, but none has helped me solve this problem.

I am using Laradock for a Laravel app on a production server. The Laravel version is 7.24.0 on Nginx and PHP 7.4.

However, if I test the email verification via mailtrap, I get this error

403 | Invalid signature.

I already have executed php artisan key:generate and I can see it in my .env file:

APP_NAME="The cool app"
APP_ENV=production
APP_KEY=base64:S1ABrOXZ1ldmYqfjBvZfupwBNM+m10MWINqEvj/eGbg=
APP_DEBUG=true
APP_URL=https://my-domain.com

Originally, the Nginx default configuration is:

server {

    listen 80;
    listen [::]:80;

    # For https
    # listen 443 ssl default_server;
    # listen [::]:443 ssl default_server ipv6only=on;
    # ssl_certificate /etc/nginx/ssl/default.crt;
    # ssl_certificate_key /etc/nginx/ssl/default.key;

    server_name my-domain.com;
    root /var/www/public;
    index index.php index.html index.htm;

    location / {
         try_files $uri $uri/ /index.php$is_args$args;
    }

    location ~ \.php$ {
        try_files $uri /index.php =404;
        fastcgi_pass php-upstream;
        fastcgi_index index.php;
        fastcgi_buffers 16 16k;
        fastcgi_buffer_size 32k;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        #fixes timeouts
        fastcgi_read_timeout 600;
        include fastcgi_params;
    }

    location ~ /\.ht {
        deny all;
    }

    #location /.well-known/acme-challenge/ {
    #    root /var/www/letsencrypt/;
    #    log_not_found off;
    #}
}

I have tried that one as well:

try_files $uri $uri/ /index.php?$query_string;

as suggested here.

But nothing works, except in my local environment.

A sample of the URL is.

https://my-domain.com/email/verify/3/28d707536a36800a7cfaaaa5f5e29eca3ac2b38a?expires=1597101566&signature=2685421462a1756e38bee693801f11e2f2ed6645e3d0ad361413a758b9ca6fab

I checked both the "verify" email button and the web browser URLs and they look the same.

Additionally, I have just tried

$ php artisan config:cache

But no luck :/ I still get that 403 | Invalid signature error

Can anyone shed some light on this? Otherwise, how to debug this?

Solved! Hurra I have applied what is said in this GitHub issue answered by yawmanford:

Inside AppServiceProvider.php

public function boot()
{
    if($this->app->environment('production'))
    {
        \URL::forceScheme('https');
    }
}

Then in TrustProxies.php

protected $proxies = '*';

Finally, inside the workspace container I ran:

artisan config:cache

And that did the trick!

What do you think?

Zygo answered 10/8, 2020 at 22:39 Comment(0)
R
1

For me, php artisan config:cache on the production server did the trick.

Within the hasCorrectSignature method in vendor/laravel/framework/src/Illuminate/routing/UrlGenerator.php, print out the call_user_func($this->keyResolver).

If it's not the same as the APP_KEY in your environment variables, then you'll need to flush the cache (php artisan config:cache).

Revisionism answered 11/4, 2022 at 17:29 Comment(0)
L
0

I suspect that the reason for this is your nginx configuration. Can you try this instead?

    try_files $uri $uri/ /index.php?$query_string;

I also see that you are using https in the app but your nginx configs don't have SSL configs. Can you try and use http in the app see how it performs?

Lapham answered 11/8, 2020 at 4:24 Comment(2)
Thanks for the answer. I have tried it and it didn't work. But I have just found out how to make it work here. Moreover, I applied php artisan config:cacheZygo
Okay, I've updated the answer. Is it the correct answer? if not please share your solution. It will probab;y help future readers.Lapham

© 2022 - 2024 — McMap. All rights reserved.