I am developing a website with an Angular front end and Lumen back end on an AWS Ubuntu EC2 using nginx. When I try to make a POST command to the login API endpoint it gives me a "405 Not Allowed" error and I cannot figure out why, and I desperately need the help of someone who knows more than me.
This is the code I'm using for the nginx server
server {
listen 80;
listen [::]:80;
server_name ~~~~~~~~.compute-1.amazonaws.com;
server_tokens off;
client_max_body_size 10M;
location = /assets/favicon.ico {
access_log off; log_not_found off;
}
# The front end Angular
location / {
root /var/www/html;
index index.html;
try_files $uri $uri/ /index.html =404;
}
location /files/ {
root /var/www/html/files;
}
# The lumen API
location /api/ {
error_log /var/log/nginx/error.log debug;
root /var/www/html/api/public;
try_files $uri $uri/ /index.php?$query_string;
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php8.2-fpm.sock;
fastcgi_param SCRIPT_FILENAME $request_filename;
}
}
}
(Note: I usually include security headers but turned those off to try to isolate the problem. Also I have not set up an SSL certificate yet for this site)
When I try to post to '/api/auth/login' (or any api endpoint) this is what the nginx error log outputs:
2023/02/25 00:59:24 [debug] 371832#371832: *8 http cl:181 max:10485760
2023/02/25 00:59:24 [debug] 371832#371832: *8 rewrite phase: 3
2023/02/25 00:59:24 [debug] 371832#371832: *8 post rewrite phase: 4
2023/02/25 00:59:24 [debug] 371832#371832: *8 generic phase: 5
2023/02/25 00:59:24 [debug] 371832#371832: *8 generic phase: 6
2023/02/25 00:59:24 [debug] 371832#371832: *8 generic phase: 7
2023/02/25 00:59:24 [debug] 371832#371832: *8 access phase: 8
2023/02/25 00:59:24 [debug] 371832#371832: *8 access phase: 9
2023/02/25 00:59:24 [debug] 371832#371832: *8 access phase: 10
2023/02/25 00:59:24 [debug] 371832#371832: *8 post access phase: 11
2023/02/25 00:59:24 [debug] 371832#371832: *8 generic phase: 12
2023/02/25 00:59:24 [debug] 371832#371832: *8 try files handler
2023/02/25 00:59:24 [debug] 371832#371832: *8 http script var: "/api/auth/login"
2023/02/25 00:59:24 [debug] 371832#371832: *8 trying to use file: "/api/auth/login" "/var/www/html/api/public/api/auth/login"
2023/02/25 00:59:24 [debug] 371832#371832: *8 http script var: "/api/auth/login"
2023/02/25 00:59:24 [debug] 371832#371832: *8 trying to use dir: "/api/auth/login" "/var/www/html/api/public/api/auth/login"
2023/02/25 00:59:24 [debug] 371832#371832: *8 http script copy: "/index.php?"
2023/02/25 00:59:24 [debug] 371832#371832: *8 trying to use file: "/index.php?" "/var/www/html/api/public/index.php?"
2023/02/25 00:59:24 [debug] 371832#371832: *8 internal redirect: "/index.php?"
And all I get back from the webserver is the 405 error.
I've tried all sorts of different permutations of the above but I can't seem to find the one that gets past this 405 error. Am I looking in the wrong place?
This is working locally when I run it, but not on the server.
I double checked that the database permissions are set correctly.
I double checked that the route for the /api/auth/login is not going through any sort of Authentication middleware.
I am exhausted and emotionally a mess right now because I just can't get this to work, and I can't find the solution on the internet. I swear it was working yesterday, but whatever changes I made have completely broke it.
Can someone please tell me what I'm doing wrong, or at least a hint of what else to check, because I am losing my mind over this.
For anyone who came to this question crying and losing hair, after roughly 8 hours of working on this problem I found out that there was a bad redirection of the API subfolder to the php-fpm service.
In the example I had in the original post, the 'try_files' section was telling the server to try a file at the root level, which was not caught in the /api/ location section. And so I had to change
try_files $uri $uri/ /index.php?$query_string;
to
try_files $uri $uri/ /api/public/index.php?$query_string;
This fixed the error from a 405 error to a 404 error. Then what was happening was the $request_filename; was resolving incorrectly as duplicating the folders, and so I had to reset the root variable for that section. The end result looks like this:
location /api/ {
root /var/www/html/api/public;
try_files $uri $uri/ /api/public/index.php?$query_string;
location ~ \.php$ {
root /var/www/html;
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php8.2-fpm.sock;
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
}
}
All in all, the best knowledge I gained out of this was that in order to debug nginx files, use a line like this as a debugger:
return 200 $realpath_root$fastcgi_script_name; add_header Content-Type text/plain;