Failed login attempts via nginx/laravel API calls

Tags: , , , ,



I was dealing with an issue where my API site was not accessible either by my iOS app or by a web client. I fixed the issue and can now visit the API site via web client, but now am unable to login to my app, although I periodically (about every half hour strangely) am able to for a short period of time. In the process of fixing the earlier issue, I messed around with my nginx sites-enabled file, and I think that might be what’s causing this.

Also when I paste the url path in a web client I get many errors from laravel, mostly involving code related to routing and HTTP.

Is anyone able to identify what’s going wrong?

/etc/nginx/sites-enabled/default:

proxy_cache_path /tmp/nginx-cache keys_zone=one:10m;

server {
        listen 80 default_server;
        listen [::]:80 ipv6only=on;
        listen 443;
        listen [::]:443 ipv6only=on;

        root /usr/share/nginx/html/MySite-API/public;

        index index.php index.html index.htm;

        proxy_set_header X-Forwarded-Proto $scheme;

        if ( $http_x_forwarded_proto != 'https' ) {
                return 301 https://$host$request_uri;
        }

        server_name api.mysite.com;

        location / {
                try_files $uri $uri/ /index.php$is_args$args;
        }

        fastcgi_param PHP_VALUE "memory_limit = 512M";

        location ~ .php$ {
                try_files $uri /index.php =404;
                fastcgi_split_path_info ^(.+.php)(/.+)$;
                fastcgi_pass unix:/var/run/php/php7.1-fpm.sock;
                fastcgi_index index.php;
                fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
                include fastcgi_params;
        }

}

Here’s what I’m seeing in the laravel error log:

local.ERROR: The resource owner or authorization server denied the request. {"exception":"[object] (League\OAuth2\Server\Exception\OAuthServerException(code: 9): The resource owner or authorization server denied the request. at /usr/share/nginx/html/MySite-API/vendor/league/oauth2-server/src/Exception/OAuthServerException.php:173)
[stacktrace]
#0 /usr/share/nginx/html/MySite-API/vendor/league/oauth2-server/src/AuthorizationValidators/BearerTokenValidator.php(82): League\OAuth2\Server\Exception\OAuthServerException::accessDenied('Access token ha...')
#1 /usr/share/nginx/html/MySite-API/vendor/league/oauth2-server/src/ResourceServer.php(82): League\OAuth2\Server\AuthorizationValidators\BearerTokenValidator->validateAuthorization(Object(Zend\Diactoros\ServerRequest))
#2 /usr/share/nginx/html/MySite-API/vendor/laravel/passport/src/Guards/TokenGuard.php(109): League\OAuth2\Server\ResourceServer->validateAuthenticatedRequest(Object(Zend\Diactoros\ServerRequest))
#3 /usr/share/nginx/html/MySite-API/vendor/laravel/passport/src/Guards/TokenGuard.php(89): Laravel\Passport\Guards\TokenGuard->authenticateViaBearerToken(Object(Illuminate\Http\Request))
#4 /usr/share/nginx/html/MySite-API/vendor/laravel/passport/src/PassportServiceProvider.php(267): Laravel\Passport\Guards\TokenGuard->user(Object(Illuminate\Http\Request))
#5 [internal function]: Laravel\Passport\PassportServiceProvider->Laravel\Passport\{closure}(Object(Illuminate\Http\Request), NULL)
#6 /usr/share/nginx/html/MySite-API/vendor/laravel/framework/src/Illuminate/Auth/RequestGuard.php(58): call_user_func(Object(Closure), Object(Illuminate\Http\Request), NULL)
#7 /usr/share/nginx/html/MySite-API/vendor/laravel/framework/src/Illuminate/Auth/GuardHelpers.php(50): Illuminate\Auth\RequestGuard->user()
#8 /usr/share/nginx/html/MySite-API/vendor/laravel/framework/src/Illuminate/Auth/Middleware/Authenticate.php(61): Illuminate\Auth\RequestGuard->check()
#9 /usr/share/nginx/html/MySite-API/vendor/laravel/framework/src/Illuminate/Auth/Middleware/Authenticate.php(41): Illuminate\Auth\Middleware\Authenticate->authenticate(Array)
#10 /usr/share/nginx/html/MySite-API/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(149): Illuminate\Auth\Middleware\Authenticate->handle(Object(Illuminate\Http\Request), Object(Closure), 'api')
#11 /usr/share/nginx/html/MySite-API/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(53): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))
#12 /usr/share/nginx/html/MySite-API/vendor/laravel/framework/src/Illuminate/Routing/Middleware/ThrottleRequests.php(57): Illuminate\Routing\Pipeline->Illuminate\Routing\{closure}(Object(Illuminate\Http\Request))
#13 /usr/share/nginx/html/MySite-API/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(149): Illuminate\Routing\Middleware\ThrottleRequests->handle(Object(Illuminate\Http\Request), Object(Closure), 600, '1')
#14 /usr/share/nginx/html/MySite-API/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(53): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))
#15 /usr/share/nginx/html/MySite-API/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(102): Illuminate\Routing\Pipeline->Illuminate\Routing\{closure}(Object(Illuminate\Http\Request))
#16 /usr/share/nginx/html/MySite-API/vendor/laravel/framework/src/Illuminate/Routing/Router.php(661): Illuminate\Pipeline\Pipeline->then(Object(Closure))
#17 /usr/share/nginx/html/MySite-API/vendor/laravel/framework/src/Illuminate/Routing/Router.php(636): Illuminate\Routing\Router->runRouteWithinStack(Object(Illuminate\Routing\Route), Object(Illuminate\Http\Request))
#18 /usr/share/nginx/html/MySite-API/vendor/laravel/framework/src/Illuminate/Routing/Router.php(602): Illuminate\Routing\Router->runRoute(Object(Illuminate\Http\Request), Object(Illuminate\Routing\Route))
#19 /usr/share/nginx/html/MySite-API/vendor/laravel/framework/src/Illuminate/Routing/Router.php(591): Illuminate\Routing\Router->dispatchToRoute(Object(Illuminate\Http\Request))
#20 /usr/share/nginx/html/MySite-API/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(176): Illuminate\Routing\Router->dispatch(Object(Illuminate\Http\Request))
#21 /usr/share/nginx/html/MySite-API/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(30): Illuminate\Foundation\Http\Kernel->Illuminate\Foundation\Http\{closure}(Object(Illuminate\Http\Request))
#22 /usr/share/nginx/html/MySite-API/vendor/fideloper/proxy/src/TrustProxies.php(57): Illuminate\Routing\Pipeline->Illuminate\Routing\{closure}(Object(Illuminate\Http\Request))
#23 /usr/share/nginx/html/MySite-API/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(149): Fideloper\Proxy\TrustProxies->handle(Object(Illuminate\Http\Request), Object(Closure))
#24 /usr/share/nginx/html/MySite-API/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(53): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))
#25 /usr/share/nginx/html/MySite-API/vendor/laravel/framework/src/Illuminate/Routing/Middleware/ThrottleRequests.php(57): Illuminate\Routing\Pipeline->Illuminate\Routing\{closure}(Object(Illuminate\Http\Request))
#26 /usr/share/nginx/html/MySite-API/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(149): Illuminate\Routing\Middleware\ThrottleRequests->handle(Object(Illuminate\Http\Request), Object(Closure), 600, '1')
#27 /usr/share/nginx/html/MySite-API/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(53): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))
#28 /usr/share/nginx/html/MySite-API/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(102): Illuminate\Routing\Pipeline->Illuminate\Routing\{closure}(Object(Illuminate\Http\Request))
#29 /usr/share/nginx/html/MySite-API/vendor/laravel/framework/src/Illuminate/Routing/Router.php(661): Illuminate\Pipeline\Pipeline->then(Object(Closure))
#30 /usr/share/nginx/html/MySite-API/vendor/laravel/framework/src/Illuminate/Routing/Router.php(636): Illuminate\Routing\Router->runRouteWithinStack(Object(Illuminate\Routing\Route), Object(Illuminate\Http\Request))
#31 /usr/share/nginx/html/MySite-API/vendor/laravel/framework/src/Illuminate/Routing/Router.php(602): Illuminate\Routing\Router->runRoute(Object(Illuminate\Http\Request), Object(Illuminate\Routing\Route))
#32 /usr/share/nginx/html/MySite-API/vendor/laravel/framework/src/Illuminate/Routing/Router.php(591): Illuminate\Routing\Router->dispatchToRoute(Object(Illuminate\Http\Request))
#33 /usr/share/nginx/html/MySite-API/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(176): Illuminate\Routing\Router->dispatch(Object(Illuminate\Http\Request))
#34 /usr/share/nginx/html/MySite-API/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(30): Illuminate\Foundation\Http\Kernel->Illuminate\Foundation\Http\{closure}(Object(Illuminate\Http\Request))
#35 /usr/share/nginx/html/MySite-API/vendor/fideloper/proxy/src/TrustProxies.php(57): Illuminate\Routing\Pipeline->Illuminate\Routing\{closure}(Object(Illuminate\Http\Request))
#36 /usr/share/nginx/html/MySite-API/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(149): Fideloper\Proxy\TrustProxies->handle(Object(Illuminate\Http\Request), Object(Closure))
#37 /usr/share/nginx/html/MySite-API/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(53): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))
#38 /usr/share/nginx/html/MySite-API/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/TransformsRequest.php(30): Illuminate\Routing\Pipeline->Illuminate\Routing\{closure}(Object(Illuminate\Http\Request))
#39 /usr/share/nginx/html/MySite-API/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(149): Illuminate\Foundation\Http\Middleware\TransformsRequest->handle(Object(Illuminate\Http\Request), Object(Closure))
#40 /usr/share/nginx/html/MySite-API/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(53): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))
#41 /usr/share/nginx/html/MySite-API/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/TransformsRequest.php(30): Illuminate\Routing\Pipeline->Illuminate\Routing\{closure}(Object(Illuminate\Http\Request))
#42 /usr/share/nginx/html/MySite-API/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(149): Illuminate\Foundation\Http\Middleware\TransformsRequest->handle(Object(Illuminate\Http\Request), Object(Closure))
#43 /usr/share/nginx/html/MySite-API/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(53): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))
#44 /usr/share/nginx/html/MySite-API/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/ValidatePostSize.php(27): Illuminate\Routing\Pipeline->Illuminate\Routing\{closure}(Object(Illuminate\Http\Request))
#45 /usr/share/nginx/html/MySite-API/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(149): Illuminate\Foundation\Http\Middleware\ValidatePostSize->handle(Object(Illuminate\Http\Request), Object(Closure))
#46 /usr/share/nginx/html/MySite-API/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(53): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))
#47 /usr/share/nginx/html/MySite-API/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/CheckForMaintenanceMode.php(46): Illuminate\Routing\Pipeline->Illuminate\Routing\{closure}(Object(Illuminate\Http\Request))
#48 /usr/share/nginx/html/MySite-API/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(149): Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode->handle(Object(Illuminate\Http\Request), Object(Closure))
#49 /usr/share/nginx/html/MySite-API/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(53): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))
#50 /usr/share/nginx/html/MySite-API/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(102): Illuminate\Routing\Pipeline->Illuminate\Routing\{closure}(Object(Illuminate\Http\Request))
#51 /usr/share/nginx/html/MySite-API/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(151): Illuminate\Pipeline\Pipeline->then(Object(Closure))
#52 /usr/share/nginx/html/MySite-API/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(116): Illuminate\Foundation\Http\Kernel->sendRequestThroughRouter(Object(Illuminate\Http\Request))
#53 /usr/share/nginx/html/MySite-API/public/index.php(55): Illuminate\Foundation\Http\Kernel->handle(Object(Illuminate\Http\Request))
#54 {main}
"}
~             

Answer

The API seems to be working consistently the day after, so I’m assuming that laravel and/or AWS has some sort of dynamic throttle whose threshold was lowered due to low traffic as a result of our prior API issue. Always better to have issues that fix themselves!



Source: stackoverflow