I am using Laravel 5.5 with JWT dev-develop. I have also set my auth drivers for web.
'defaults' => [
'guard' => 'web',
'passwords' => 'users',
],
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'api' => [
'driver' => 'jwt',
'provider' => 'users',
],
],
But, the above configuration doesn't give me JWT Bearer Token. When I replace web with api, Auth::attempt($credentials) gives me JWT token instead of session.
Any ideas how to use both at the same time?
Auth::attempt($credentials) override actual method when you using JWT and giving you JWT Token.
You can also check this function in tymon\src\JWTAuth.php
You can both as use default guard as as web and use
JWTAuth::attempt($credentials) to get JWT Token
Related
I'm trying to set-up Laravel authentication using sanctum. I'm able to create a successful login function, which returns a token (bearer), but once that bearer is added to a next request using postman, a 401 unauthorized is received, and I cannot figure out why. I'm running the setup using XAMPP (127.0.0.1:8000).
Config/auth contains the following guards
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'api' => [
'driver' => 'token',
'provider' => 'users'
]
],
The config/sanctum guard is set to api.
I've added (and tested with) the following variables in the .env file;
SESSION_DOMAIN='localhost'
SANCTUM_STATEFUL_DOMAINS='localhost:8000'
Lastly, routes are set as follows;
Route::middleware('auth:sanctum')->group(function () {
Route::apiResource('friends', FriendsController::class);
});
I'm now unsure what the issue could possibly be.
So i've made an API with the guidance of Laravel's documentation here and this question here. One problem i encountered was that OAuth can only be accessed if I am authenticated with Auth.
However, since the application i am making is API only, i was wondering how i could use auth:api as my middleware for oauth links instead of auth. The result that should happen would be that i could create clients when i am authenticated with Auth:Api.
Route:List
How I'm currently authenticating my users (This is just a reference i took from the documentation):
$http = new GuzzleHttp\Client;
$response = $http->post('http://your-app.com/oauth/token', [
'form_params' => [
'grant_type' => 'password',
'client_id' => 'client-id',
'client_secret' => 'client-secret',
'username' => 'taylor#laravel.com',
'password' => 'my-password',
'scope' => '',
],
]);
return json_decode((string) $response->getBody(), true);
AuthServiceProvider has:
Passport::Routes()
Lastly, is it possible to set the expire of an individual personal access token?
Did you change your config/auth.php to utilize passport for API authentication?
config/auth.php
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'api' => [
'driver' => 'passport', #Right here
'provider' => 'users',
],
],
https://laravel.com/docs/5.8/passport
I am using laravel 5.6. I tried to use JWT. That's why I made some modification followed by https://jwt-auth.readthedocs.io/en/develop/quick-start/ . Now jwt is working properly.I checked it by postman. But when I try to use laravel basic login with email and password it does not work. Thanks in advance
I also made change on
'defaults' => [
'guard' => 'api',
'passwords' => 'users',
],
...
'guards' => [
'api' => [
'driver' => 'jwt',
'provider' => 'users',
],
],
is because you are telling laravel to use jwt as driver and the laravel basic login use session as driver, if you want to have both you may need to put this
'web' => [
'driver' => 'session',
'provider' => 'users',
],
and especify the guard that you will use for the login
if (Auth::guard('web')->attempt($credentials)) {
//
}
I have multiple entities in my application that need to be authenticated. So I defined multiple guards to do so:
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'customers',
],
'customer' => [
'driver' => 'passport',
'provider' => 'customers',
],
'partner' => [
'driver' => 'passport',
'provider' => 'partners',
],
'admin' => [
'driver' => 'passport',
'provider' => 'admins',
],
],
Then in my Login controllers I have the following condition:
if (Auth::guard('admin')->attempt(['email' => $email, 'password' => $password])) {
...
...
}
when I try to do so (even though it's written in the docs) I get an error telling me that "method attempt does not exist".
So I try defining the guard method on the controller (also like the docs) like this:
protected function guard()
{
return Auth::guard('admin');
}
authentication still doesn't work with the right credentials (I tried to check what guard the Auth facade was using before the attempt using dd(Auth::guard()) and it was the default web guard.
I tried removing the web guard from the default guards array in auth config. didn't work.
I also tried config:clear and rerunning the server but nothing worked!
I am out of ideas. I know that I can write my own simple login, but why reinvent the wheel, and I was following the docs to the letter. help.
I am trying to implement oath2 using laravel and passport. however i have managed to make everything up & running. But the problem i am facing is when token expires or without token the url redirects to the laravels login page. I was expecting an unauthorized error message with a status code 401.
oauth2 is implemented using passport. I think laravels default auth is creating the problem.
this is my code in routes
Route::group(['middleware' => 'auth:api'], function () {
Route::get('users', "\App\Http\Controllers\UserController#getUsers");
Route::post('permission/add', "\App\Http\Controllers\UserController#createPermission");
Route::get('permissions', "\App\Http\Controllers\UserController#getPermissions");
Route::get('permission/{param}', "\App\Http\Controllers\UserController#getPermission");
Route::post('role/add', "\App\Http\Controllers\UserController#createRole");
Route::get('roles', "\App\Http\Controllers\UserController#getRoles");
Route::get('user/profile', function () {
// Uses Auth Middleware
});
});
My output when unauthorized
my config/auth.php
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'api' => [
'driver' => 'passport',
'provider' => 'users',
],
],