Requesting an unauthenticated delete route. will result in a login route of 405.

[foxlau]

Hello friends....

I have inadvertently come across this problem.

If an unauthenticated click on a delete route, the 302 will be 405 after jumping to the /login route

Although I can hide the delete button in the case of unauthenticated.

Is this a problem with inertiajs? 🤔

I tested with blade and it does not have this problem.

Or is it because I have set it up incorrectly?

Hope I can get some help, thanks! 🙏

my code: 👇

inertiajs vue:
const del = () => {
    form.delete('/comment/1', {
        onBefore: () => confirm('Are you sure you want to delete this comment?'),
        preserveScroll: true,
    });
};

laravel route:
Route::delete('/comment/{comment}', [CommentController::class, 'destroy']);

laravel controller:
class CommentController extends Controller
{
    public function __construct()
    {
        $this->middleware('auth');
    }

    public function destroy(Comment $comment)
    {
        $this->authorize('delete', $comment);
        $comment->delete();
        return back();
    }
}

Chrome:
request url: http://inertiajs.test/comment/1
method: DELETE
status: 302 Found

request url: http://inertiajs.test/login
method: DELETE
status: 405 Method Not Allowed

[RobertBoes]

Seems like your route is missing the Inertia middleware. Make sure you define your routes in routes/web.php and the route has the appropriate middleware, as explained in the docs.
Inertia converts a 302 redirect to a 303, which indicates the next request should be made using GET, while a 302 will use the same method as the initial request (DELETE in this case)

[foxlau]

Thank you for your reply

Installed with php artisan breeze:install vue and the middleware will be configured by default

I even checked several times in Kernel.php that the web array contains \App\Http\Middleware\HandleInertiaRequests::class,

So I don't know exactly what else is wrong, sorry I'm new to inertiajs 🤔

[RobertBoes]

Well, this part https://github.com/inertiajs/inertia-laravel/blob/master/src/Middleware.php#L102-L104 would convert a 302 to a 303, since that's the only place where that's done it seems to me the middleware is not applied to your delete route. If you open the demo app (https://demo.inertiajs.com/) and perform a delete on a contact you'd see it performs the delete request and then a 303 response is received, followed by a GET request

Where is your Route::delete('/comment/{comment}', [CommentController::class, 'destroy']); defined? It should be defined in routes/web.php

[foxlau]

Route::delete('/comment/{comment}', [CommentController::class, 'destroy']);

yes. this route is defined in routes/web.php

If this route is executed after the user has logged in, it will respond to 303

If not logged in, requesting this route will result in a 302 response, and then /login will be 405

The DELETE method is not supported for this route. Supported methods: GET, HEAD, POST.

[alanbernale]

Any solution for this problem? Thank you for your answer.

[LoganTFox]

Any solutions?

[foxlau]

Bro, if I hadn't received a reply email, I would have already forgotten about Inertia.js...😂

[swarakaka]

Hi @LoganTFox,
Here's the solution:

const form = useForm({
   _method:"DELETE",
   .....
})
const del = () => {
    form.post('/comment/1', {
        onBefore: () => confirm('Are you sure you want to delete this comment?'),
        preserveScroll: true,
    });
};