I am authenticating users with JWTAuth OctoberCMS API plugin. When I register user or login with postman, the request return a token. However when I try to access authenticated routes like:
Route::get('api/v1/todos',
'Wafush\Maswali\Controllers\Todos#index')->middleware('\Tymon\JWTAuth\Middleware\GetUserFromToken');
I am getting {"error":"token_not_provided"} exception yet the user is authenticated.
Again when I attempt to return signed in user object like:
$user = JWTAuth::authenticate();
return $user;
I get the following error:
A token is required
C:\xampp\htdocs\myapp\plugins\vdomah\jwtauth\vendor\tymon\jwt-auth\src\JWTAuth.php line 299
Type
Undefined
Exception
Tymon\JWTAuth\Exceptions\JWTException
{
if ($token) {
return $this->setToken($token);
} elseif ($this->token) {
return $this;
} else {
throw new JWTException('A token is required', 400);
}
}
/**
* Set the request instance.
*
What I am missing. Kindly guide. Its like the token is not getting set.
I got to your question because I was facing the same problem and I've just solved it by adding below code to my .htaccess
# Authorization header
RewriteCond %{HTTP:Authorization} ^(.*)
RewriteRule .* - [e=HTTP_AUTHORIZATION:%1]
Related
how can i check if the current user accessing a method from a controller is authenticated,
the API route in question is not guarded by any authentication middle, because the route is accessible to public and both guest users, i checked my request headers the Bearer token is being passed, am using a react router for my routes. and api driver is passport
public route:
Route::get('product/list', 'ProductController#index')
what've tried:
Changed the default AUTH Guard to api.
Tried Explicitly calling the Auth()->guard('api')->check() in the controller method.
if (Auth()->guard('api')->check()) {
return 'is_favourite';
} else {
return 'unauthenticated';
}
also called it like this Auth()->check()
if (Auth()->check()) {
return 'is_favourite';
} else {
return 'unauthenticated';
}
Result:
Always 'unauthenticated'
Expected Results: result of is_favourite when a Bearer token is pass in the header, and 'unauthenticated' if no bearer token is supplied.
I finaly got it to work, tried with this and it worked:
if (auth('api')->check()) {
return 'is_favourite';
} else {
return 'unauthenticated';
}
I am building an API (my first api in this framework) in laravel 8 with passport 10 for accesses by token, to consult and test the API I use Insomnia, in insomnia I do the work environment with two variables "base" for the URL and "token".
When I test my API routes from Insomnia and pass the Token, it does not give me problems, the errors start when I remove the environment variable Token in Insomnia, the laravel API crashes with a 405 error (Method not Allowed).
My question is how can I control laravel so that when the user doesn't send the token my application doesn't crash?
I insist, this only happens when I remove the Token environment variable in Insomnia.
Thank you
First, i want to make sure that you are sending the Accept and Content-Type.
Accept: application/json
Content-Type: application/json
Second, MethodNotAllowedException indicates that you calling the route with different HTTP verb as you can see supported method is POST and you are using GET.
Third, in order to catch the MethodNotAllowedException you can add in your Handler.php located at app\Exceptions\Handler in report method
public function render($request, Throwable $e)
{
if ($request->ajax() && $e instanceof MethodNotAllowedException) {
return response()->json([
"Please enter your token"
], 405);
}
return parent::render($request, $e);
}
I am testing Laravel Api and using Sanctum for token and i followed the documentation for sanctum but when i used the Route as
Route::middleware('auth:sanctum')->get('user', function () {
return User::all();
});
I am getting the message as
{
"message": "Unauthenticated."
}
in postman . Also , i am passing the token in Authetication in postman (Bearer token).
In project, all API calls are from Lumen. Front is developed in Laravel. We are calling Lumen APIs using Guzzle http client guzzleHttp.
Now, I need to set header Authorization for all API calls so I'm sending token in header from Laravel but in Lumen I can't get token in Lumen request header.
Below is the example code.
Laravel controller code:
public function get_category(){
$accessToken = 'kjdhfdkjfhdkjfhfjkdf9875443213456';
$response = \Guzzle::request("GET","example.com", "categories",['headers' => [
'Authorization' => $accessToken
]]);
$category_all = json_decode($response->getBody()->getContents(),true);
return $category_all;
}
Lumen middleware code:
public function handle($request, Closure $next)
{
dd($request);
}
In Lumen request I can't get token in request header.
If you're using Apache, by default it remove the Authorization header.
You've to add this settings in the .htaccess project's file or in the apache .conf file (usually in /etc/apache2/sites-available/):
RewriteEngine On
RewriteCond %{HTTP:Authorization} ^(.*)
RewriteRule .* - [e=HTTP_AUTHORIZATION:%1]
Header set Access-Control-Allow-Headers "Authorization"
I'm trying to get Soundcloud to return a track ID, but can't get it to work. Documentation here (PHP tab): https://developers.soundcloud.com/docs/api/guide#errors
I've triple checked my credentials from soundcloud that I'm adding as args.
Function in my controller:
function formprocessor()
{
require_once (APPPATH.'third_party/Services/Soundcloud.php');
// create a client object with your app credentials
$client = new Services_Soundcloud('my client id', 'my client secret', 'http://127.0.0.1:8888/index.php/welcome/');
try {
$me = json_decode($client->get('me'), true);
}
catch (Services_Soundcloud_Invalid_Http_Response_Code_Exception $e) {
exit($e->getMessage());
}
}
What would cause this to fail? I keep getting a 401
Here's a reference to the API: https://developers.soundcloud.com/docs/api/reference
you need to authenticate by sending the user (even if thats you) to "authorizeurl":
$authURL = $client->getAuthorizeUrl();
then set the access token with:
$accessToken = $client->accessToken($_GET['code']);
$client->setAccessToken($_SESSION['token']); //if you saved token in a session
Then you should at least be able to "get me" this part is working for me however i cannot access things such as /me/tracks/ or /me/followings/ at the moment.