CORS issue with webroute in Laravel 7 – Apache

I try my laravel project in apache server

I clone my project

sudo -u www-data git clone ******* laravel

Lunch composer

sudo -u www-data composer install --no-dev --optimize-autoloader

Lunch npm and webpack

sudo -u www-data npm install
sudo -u www-data npm run production

Create .env

sudo -u www-data cp .env.example .env

Generate key

sudo -u www-data php artisan key:generate
sudo -u www-data php artisan config:cache

After clone my project and installed all packages, i configure .htaccess

<IfModule mod_rewrite.c>
    <IfModule mod_negotiation.c>
        Options -MultiViews -Indexes
    </IfModule>

    RewriteEngine On
    RewriteBase /laravel/

    # Handle Authorization Header
    RewriteCond %{HTTP:Authorization} .
    RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]

    # Redirect Trailing Slashes If Not A Folder...
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteCond %{REQUEST_URI} (.+)/$
    RewriteRule ^ %1 [L,R=301]

    # Send Requests To Front Controller...
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteRule ^ index.php [L]
</IfModule>

and 000-default.conf

<VirtualHost *:80>
        # The ServerName directive sets the request scheme, hostname and port that
        # the server uses to identify itself. This is used when creating
        # redirection URLs. In the context of virtual hosts, the ServerName
        # specifies what hostname must appear in the request's Host: header to
        # match this virtual host. For the default virtual host (this file) this
        # value is not decisive as it is used as a last resort host regardless.
        # However, you must set it for any further virtual host explicitly.
        #ServerName www.example.com

        ServerAdmin webmaster@localhost
        DocumentRoot /var/www/html/laravel/public

        # Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
        # error, crit, alert, emerg.
        # It is also possible to configure the loglevel for particular
        # modules, e.g.
        #LogLevel info ssl:warn

        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined

        # For most configuration files from conf-available/, which are
        # enabled or disabled at a global level, it is possible to
        # include a line for only one particular virtual host. For example the
        # following line enables the CGI configuration for this host only
        # after it has been globally disabled with "a2disconf".
        #Include conf-available/serve-cgi-bin.conf

</VirtualHost>

# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
Alias /laravel /var/www/html/laravel/public/
<Directory "/var/www/html/laravel/public">
        AllowOverride All
        allow from all
        Options +Indexes
</Directory>

But i have a 500 error when i try to login.

Does anyone have an explanation to this ?

I forgot to do this :

sudo -u www-data php artisan passport:install

But now all my web routes have this error

All my web routes have 127.0.0.1:8000. But i’m in production, i shouldn’t have this, no ?

I has installed fruitcake/laravel-cors

sudo composer remove barryvdh/laravel-cors fruitcake/laravel-cors
sudo -u www-data composer require fruitcake/laravel-cors

I allow CORS for all your routes in app/Http/Kernel.php

protected $middleware = [
  FruitcakeCorsHandleCors::class,
    // ...
]

I reload my Laravel configurations and allow my changes to reflect

sudo -u www-data php artisan config:cache

For mapApiRoutes it’s work, but not for mapWebRoutes. How can i fix for mapWebRoutes ?