Pass JWT Token in Each API Request - laravel

Hello I am working with JWT Token, and I'm testing API using postman, when perform operation using Postman I set bearer header in Header of postman, it works fine with Postman,
But what if I don't want to set it In postman header and pass it from Controller?
Any Solution Will Helpful,
Here is my code,
Controller,
public function login(Request $request)
{
$credentials = $request->only('email', 'password');
$token = auth()->attempt( $credentials);
return $this->createNewToken($token);
}
public function me()
{
$user =$this->getAuthenticatedUser();
return response()->json(array($user));
}
protected function createNewToken($token)
{
return response()->json([
'access_token' => $token,
'token_type' => 'bearer',
'expires_in' => auth()->factory()->getTTL() * 1200,
'user' => auth()->user()
]);
}
public function getAuthenticatedUser()
{
try {
if (! $user = JWTAuth::parseToken()->authenticate()) {
return response()->json(['user_not_found'], 404);
}
} catch (Tymon\JWTAuth\Exceptions\TokenExpiredException $e) {
return response()->json(['token_expired'], $e->getStatusCode());
} catch (Tymon\JWTAuth\Exceptions\TokenInvalidException $e) {
return response()->json(['token_invalid'], $e->getStatusCode());
} catch (Tymon\JWTAuth\Exceptions\JWTException $e) {
return response()->json(['token_absent'], $e->getStatusCode());
}
return response()->json(compact('user'));
}
Route::post('login', [App\Http\Controllers\NewController::class, 'login'])->name('apisignin');
Route::group([
'middleware' => 'jwt.verify',
'prefix' => 'auth',
], function ($router) {
Route::post('getauth', [App\Http\Controllers\NewController::class, 'getAuthenticatedUser'])->name('getAuthenticatedUser');
Route::post('userProfile', [App\Http\Controllers\NewController::class, 'userProfile']);
Route::post('me', [App\Http\Controllers\NewController::class, 'me']);
Route::post('authheader', [App\Http\Controllers\NewController::class, 'authHeader']);
Route::post('userupdate', [App\Http\Controllers\NewController::class, 'userUpdate']);
Route::post('refresh', [App\Http\Controllers\AuthController::class, 'refresh']);
Route::post('getAuthenticatedUser', [App\Http\Controllers\NewController::class, 'getAuthenticatedUser']);
});
public function handle($request, Closure $next)
{
try {
$user = JWTAuth::parseToken()->authenticate();
} catch (Exception $e) {
if ($e instanceof \Tymon\JWTAuth\Exceptions\TokenInvalidException){
return response()->json(['status' => 'Token is Invalid']);
}else if ($e instanceof \Tymon\JWTAuth\Exceptions\TokenExpiredException){
return response()->json(['status' => 'Token is Expired']);
}else{
return response()->json(['status' => 'Authorization Token not found']);
}
}
return $next($request);
}


According to your question, you need to make an API request from your controller.
In order to put a token there, just use withToken($token) method on Illuminate\Support\Facades\Http facade:
Http::withToken($token)->get($url, $parameters)
Laravel documentation: https://laravel.com/docs/8.x/http-client#bearer-tokens

Related

Vue.js 3 use Laravel callback for google login

I made a google login through socialite in laravel
public function redirectToProvider($provider)
{
$url = Socialite::driver($provider)->stateless()->redirect()->getTargetUrl();
return $url;
//return response()->json(['url' => $url], 200);
}
public function handleProviderCallback($provider)
{
$user = null;
if (Helper::validateProvider($provider) === false) {
return response()->json(['message' => 'The provider is not accepted temporally'], 422);
}
try {
$userProvider = Socialite::driver($provider)->stateless()->user();
} catch(\Exception $e) {
\Log::error($e->getMessage());
return response()->json(["message" => "An error occured while trying to login with {$provider}"], 422);
}
if (empty($userProvider)) {
return response()->json(["message" => "Invalid user provider"], 422);
}
if (empty($userProvider->id)) {
return response()->json(["message" => "Invalid provider id"], 422);
}
if (empty($userProvider->name)) {
return response()->json(["message" => "Invalid provider name"], 422);
}
if (empty($userProvider->email)) {
return response()->json(["message" => "Invalid provider email"], 422);
}
DB::transaction(function () use ($userProvider, $provider, &$user) {
$user = User::firstOrCreate([
'provider_id' => $userProvider->id,
'provider_name' => $provider,
], [
'email' => $userProvider->email,
'email_verified_at' => now(),
]);
});
if (! $user) {
return response()->json(["message" => "Cannot create an account"]);
}
$token = $user->createToken('token')->plainTextToken;
$response = [
'user' => $user,
'token' => $token,
'isAdmin' => $isAdmin
];
return response($response);
}
But now I do not know how I could proceed with these two api and take the data properly in my application de vue
I use vue3 and there I don't have much advantage of books already written
Is there a way I can get data from google?
For example, if I open the 2 apies in the browser, I can log in and my token will be returned
But in view, if I made a call to callback it would be a matter of course because I would send something to google
How can I proceed /

BadMethodCallException: Method App\Http\Controllers\UserController::getAuthenticatedUser does not exist

When i try to Get the authenticated user data from API i get this error:
BadMethodCallException: Method App\Http\Controllers\UserController::getAuthenticatedUser does not exist. in file D:\OpenServer\OSPanel\domains\Pumpkin\vendor\laravel\framework\src\Illuminate\Routing\Controller.php on line 68
Please help to fix it
My userController:
namespace App\Http\Controllers;
use App\User;
use GuzzleHttp\Psr7\Response;
use Illuminate\Auth\Events\PasswordReset;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Hash;
use Illuminate\Support\Facades\Password;
use Illuminate\Support\Facades\Validator;
use JWTAuth;
use Tymon\JWTAuth\Exceptions\JWTException;
use Illuminate\Foundation\Auth\SendsPasswordResetEmails;
use Illuminate\Foundation\Auth\ResetsPasswords;
class UserController extends Controller
{
public function authenticate(Request $request)
{
$credentials = $request->only('email', 'password');
try {
if (! $token = JWTAuth::attempt($credentials)) {
return response()->json(['error' => 'invalid_credentials'], 400);
}
} catch (JWTException $e) {
return response()->json(['error' => 'could_not_create_token'], 500);
}
return response()->json(compact('token'));
}
public function logout()
{
auth()->logout();
return response()->json(['message'=>'Successfully logged out']);
}
protected function respondWithToken($token)
{
return response()->json([
'access_token' => $token,
'token_type' => 'bearer',
'expires_in' => auth()->factory()->getTTL() * 60
]);
}
public function register(Request $request)
{
$validator = Validator::make($request->all(), [
'name' => 'required|string|max:255',
'email' => 'required|string|email|max:255|unique:users',
'password' => 'required|string|min:6|confirmed',
]);
if($validator->fails()){
return response()->json($validator->errors()->toJson(), 400);
}
$user = User::create([
'name' => $request->get('name'),
'email' => $request->get('email'),
'password' => Hash::make($request->get('password')),
]);
$token = JWTAuth::fromUser($user);
return response()->json(compact('user','token'),201);
}
public function getAuthenticatedUser()
{
try {
if (! $user = JWTAuth::parseToken()->authenticate()) {
return response()->json(['user_not_found'], 404);
}
} catch (Tymon\JWTAuth\Exceptions\TokenExpiredException $e) {
return response()->json(['token_expired'], $e->getStatusCode());
} catch (Tymon\JWTAuth\Exceptions\TokenInvalidException $e) {
return response()->json(['token_invalid'], $e->getStatusCode());
} catch (Tymon\JWTAuth\Exceptions\JWTException $e) {
return response()->json(['token_absent'], $e->getStatusCode());
}
return response()->json(compact('user'));
}
}
My api.php
Route::post('auth/register', 'UserController#register');
Route::post('auth/login', 'UserController#authenticate');
Route::post('auth/recover', 'UserController#recover');
Route::get('open', 'DataController#open');
Route::post('/password/email', 'ForgotPasswordController#sendResetLinkEmail');
Route::post('/password/reset', 'ResetPasswordController#reset');
Route::group(['middleware' => ['jwt.verify']], function() {
Route::get('user', 'UserController#getAuthenticatedUser');
Route::get('closed', 'DataController#closed');
});
Middleware:
<?php
namespace App\Http\Middleware;
use Closure;
use JWTAuth;
use Exception;
use Tymon\JWTAuth\Http\Middleware\BaseMiddleware;
class JwtMiddleware extends BaseMiddleware
{
/**
* Handle an incoming request.
*
* #param \Illuminate\Http\Request $request
* #param \Closure $next
* #return mixed
*/
public function handle($request, Closure $next)
{
try {
$user = JWTAuth::parseToken()->authenticate();
} catch (Exception $e) {
if ($e instanceof \Tymon\JWTAuth\Exceptions\TokenInvalidException){
return response()->json(['status' => 'Token is Invalid']);
}else if ($e instanceof \Tymon\JWTAuth\Exceptions\TokenExpiredException){
return response()->json(['status' => 'Token is Expired']);
}else{
return response()->json(['status' => 'Authorization Token not found']);
}
}
return $next($request);
}
}

Can you provide the full log output from \storage\logs?
Also, sending the router as a parameter to the function may help.
Route::group([
'middleware' => 'jwt.verify'
], function ($router) {
Route::get('user', 'UserController#getAuthenticatedUser');
Route::get('closed', 'DataController#closed');
});

Laravel, JWT authentication is successful but check return false

I use this class for multiple projects and I never had any problems,
Today impossible to check user after JWT authentication
public function check()
{
return response()->json( Auth::guard()->check());
}
public function login(Request $request)
{
$credentials = $request->only('email', 'password');
if ($token = Auth::guard()->attempt($credentials)) {
return $this->respondWithToken($token);
}
return response()->json(['message' => __('commons.response.error.login')], 401);
}
protected function respondWithToken(string $token)
{
return response()->json([
'check' => Auth::guard()->check(),
'access_token' => $token,
'token_type' => 'bearer',
'auth' => true,
'me' => Auth::guard()->user(),
'message' => __('commons.response.success.login', ['user' => Auth::guard()->user()->name]),
]);
}
The login function returns the user and check return true
After that, check() return false
any idea ?
Thank you
Edit
I find it, it was a front end issue, the request token cannot be found
axios.defaults.headers.common['Authorization'] = `Bearer ` + localStorage.token;
I miss the line
localStorage.setItem('token', r.data.access_token);
Done

how to create a token in laravel tymons/jwt-auth

I want to create a token encoded with user role. I have tried with seeing the documentation, But I am not getting a token. what I have tried.
I am using laravel 5.8 and package version "tymon/jwt-auth": "^1.0.0-rc.2"
Thank you
AuthController
public function login()
{
$credentials = request(['email', 'password']);
if (! $token = auth()->guard('api')->attempt($credentials)) {
return response()->json(['errors' => 'In-valid username and Password'], 401);
}
$customClaims =[
'role' => auth('api')->user()->getRoleNames()
];
$payload = JWTFactory::make($customClaims);
$token = JWTAuth::encode($payload);
return $this->respondWithToken($token);
}
protected function respondWithToken($token)
{
return response()->json([
'success' => true,
'access_token' => $token,
'token_type' => 'bearer',
]);
}

Based on the documentation, you might need to do attempt() twice, like this:
public function login()
{
$credentials = request(['email', 'password']);
if (!auth()->guard('api')->claims(['role' => 'bar'])->attempt($credentials)) {
return response()->json(['errors' => 'In-valid username and Password'], 401);
}
$token = auth('api')->claims(['role' => auth('api')->user()->getRoleNames()])->attempt($credentials);
return $this->respondWithToken($token);
}

Your User MOdel should like this
class User extends Authenticatable implements JWTSubject
{
use Notifiable, HasRoles;
public function getJWTIdentifier()
{
return $this->getKey();
}
public function getJWTCustomClaims()
{
return [];
}
}
public function login()
{
$credentials = request(['email', 'password']);
if (!$token = JWTAuth::attempt($credentials)) {
return response()->json(['errors' => 'In-valid username and Password'], 401);
}
$customClaims =[
'role' => auth('api')->user()->getRoleNames()
];
$payload = JWTFactory::make($customClaims);
$token = JWTAuth::encode($payload);
return $this->respondWithToken($token);
}

Try This
use JWTAuth;
use Tymon\JWTAuth\Exceptions\JWTException;
class AuthenticateController extends Controller
{
public function login(Request $request)
{
// grab credentials from the request
$credentials = $request->only('email', 'password');
try {
// attempt to verify the credentials and create a token for the user
if (!auth()->guard('api')->claims(['role' => 'bar'])->attempt($credentials))
{
return response()->json(['errors' => 'In-valid username and Password'], 401);
}
$token = auth('api')->claims(['role' => auth('api')->user()->getRoleNames()])->attempt($credentials);
return $this->respondWithToken($token);
} catch (JWTException $e) {
// something went wrong whilst attempting to encode the token
return response()->json(['error' => 'could_not_create_token'], 500);
}
// all good so return the token
return response()->json(compact('token'));
}
}

Undefined Variable: token in Laravel Login Postman test

I wrote an API in Laravel 5.8 for User Login and Register.
I use JWTAuth in Laravel 5.8. When I tested the Login on Postman, it generated an error, undefined variable: token. I tried to write the API for register, when I tested it, it worked perfectly. Based on what I saw online, I tried adding \Illuminate\View\Middleware\ShareErrorsFromSession::class, to the kernel but still the same error.
LoginController
public function login(Request $request)
{
$credentials = $request->json()->all();
try
{
if(! $token == JWTAuth::attempt($credentials))
{
return response()->json(['error' => 'invalid_credentials'], 400);
}
}
catch(JWTException $e)
{
return response()->json(['error' => 'could_not_create_token'], 500);
}
return response()->json(compact('token'));
}
public function register(Request $request)
{
$validator = Validator::make($request->json()->all() , [
'name' => 'required|string|max:255',
'email' => 'required|string|email|max:255|unique:users',
'password' => 'required|string|min:6',
'username' => 'required|string|max:255',
]);
if($validator->fails()){
return response()->json($validator->errors()->toJson(), 400);
}
$user = User::create([
'name' => $request->json()->get('name'),
'email' => $request->json()->get('email'),
'password' => Hash::make($request->json()->get('password')),
'username' => $request->json()->get('username'),
]);
$token = JWTAuth::fromUser($user);
return response()->json(compact('user', 'token'), 201);
}
api.php
Route::middleware('auth:api')->get('/user', function (Request $request) {
return $request->user();
});
Route::post('register', 'UserController#register');
Route::post('login', 'UserController#login');
Route::get('profile', 'UserController#getAuthenticatedUser');
I expected success, but it gave error:
ErrorException: Undefined variable: token in file C:\xampp\htdocs\laravelapi\app\Http\Controllers\UserController.php on line 52
This is my line 52:
if(! $token == JWTAuth::attempt($credentials))

define $token before line 52
$token = null;

You should use assignment operator and not equal ==:
$token = JWTAuth::attempt($credentials))
Also in the login function you should generate a token from user to return
public function login(Request $request)
{
$credentials = $request->json()->all();
try
{
if(! $token = JWTAuth::attempt($credentials))
{
return response()->json(['error' => 'invalid_credentials'], 400);
} else {
// Generate token from user
$token = JWTAuth::attempt($credentials);
return response()->json(compact('token'));
}
}
catch(JWTException $e)
{
return response()->json(['error' => 'could_not_create_token'], 500);
}
}

Resources