I installed JWT Auth, and for now everything works well. But I have problem to get current user id, or #guest to work. I'm getting some JSON page when I enter
{{auth()->guard('api')->user()->id}}
But on xdebug I'm getting user id
Do I miss something?
Related
I'm starting in Laravel, and I'm using Laravel 9, I'm making an API, starting for a User CRUD, when I register the user, everything it's ok, but when I got some error, example if I try to register the same email or wrong login data, the API show me the home Laravelpage, instead of to show me some error at JSON format
User registered succefully
User doesn't registered succefully
I'm trying to handle the error, I would like to get some JSON messages showing what's wrong or what happened
I have resolved the problem, I was using Postman, and you need to add at header Accept = application/json
I have a Laravel 5.8 API that I want to secure using Auth0. So far I've followed every step of this tutorial:
On the front side, Login/logout links are currently implemented in Blade, and this works fine, though the rendered content on the page is done using Vue Router, making AJAX requests to the API for the data.
The default User model in Laravel has been modified to store name, sub, and email per the tutorial, and this populates as well.
The API endpoint is secured using the jwt middleware created during the tutorial, and I can successfully submit a GET along with a hard-coded Bearer auth token in Postman and get a good response.
However, at some point I'd like to be able to pass an access token off to Vue so it can do its thing, but I'm unable to get the current authenticated user. After hitting Auth0, it redirects back to my callback route with auth gobbledlygook in the URL. The route in turn loads a controller method, and everything even looks good there:
// Get the user related to the profile
$auth0User = $this->userRepository->getUserByUserInfo($profile); // returns good user
if ($auth0User) {
// If we have a user, we are going to log them in, but if
// there is an onLogin defined we need to allow the Laravel developer
// to implement the user as they want an also let them store it.
if ($service->hasOnLogin()) { // returns false
$user = $service->callOnLogin($auth0User);
} else {
// If not, the user will be fine
$user = $auth0User;
}
\Auth::login($user, $service->rememberUser()); // "normal" Laravel login flow?
}
I'm not an expert on the framework, but the last line above seems to start the "normal" Laravel user login flow. Given that, shouldn't I see something other than null when I do auth()->user(), or even app('auth0')->getUser()?
Try using a simple tutorial if you're a beginner, I would recommend this
It uses a simple JWT package to create a jwt token which you can get when the user authenticates.
JWTAuth::attempt(['email'=>$email,'password'=>$password]);
I am working with Zapier, and trying to authenticate user using OAuth2. I am using the Laravel(5.5) Passport(^4.0).
I am trying to use defalut passport routes "https://laravel.com/docs/5.5/passport".
But when it goes to "oauth/authorize" GET method and if user is not logged in then gives me {"error":"Unauthenticated."} instead of redirecting to Login page. And if user is logged in already then worked well.
Is there something i am missing and where I can check to resolve this issue.
Thanks and Regards
You are working with Oauth2 so you will get 401 and {"error" : "Unauthenticated"}. It is up to you to handle the unauthenticated response to the server (e.g. your js front end will redirect or your mobile app show login page).
I've been trying to get authentication working (described below) in my laravel application, following these two tutorials:
https://auth0.com/docs/quickstart/webapp/laravel/01-login
https://auth0.com/docs/quickstart/backend/laravel/01-authorization
On the frontend (angular app):
User clicks log in button and taken to auth0 login page
The user logs in and is redirected back to the callback with the accessToken
The access token is stored on the frontend and passed to Laravel API each request.
On the backend:
User makes a request to my http://localhost/api/route passing the accessToken in the authorisation header
Laravel validates the user is logged in and valid.
Laravel allows access to that route
It works to an extend, but when I try to use postman to access the protected route by passing the accessToken I get the error:
"message": "We can't trust on a token issued by: https://myprojectname.au.auth0.com/."
Is my workflow correct? What am I missing?
Thanks!
Just in case if somebody facing with the same issue. The authorized_iss must contain a trailing slash.
In the laravel-auth0.php file the field,
'authorized_issuers' => 'https://myprojectname.au.auth0.com/'
should be in this form.
I'm using a custom SocialLoginController to log my users with facebook or google in al Laravel 5.3 project
In some cases I send to users an email with info about one change and the URL to the resource, for example https://myweb.com/settings/profile/[the-uuid]
when the user tries to access but is not logged in, he's redirected to the Handler#render() where I send it to login with return redirect()->guest('/login'); and after login with social account I redirect them using return redirect()->intended('/home') but since I don't use the LoginController, the redirection to the requested URL is not working.
Any idea? Thanks
The problem is the request object is lost after redirect the user to login with facebook or google, so I fixed by saving the requested URI in a session variable and then checking if exists after redirect
return Session::get('intended') ? redirect()->to(\Session::get('intended')) : redirect()->to('/expenses');
Maybe this could help someone