Closed eskies closed 5 years ago
What I do for this is just see if Sentinel::authenticate returns a user, then put the user principal / id / email into a JWT outside of sentinel and just setcookie().
JWT cannot be destroyed like a cookie or PHP session, so really just make it afterward.
@suwardany just a thought. Would this be a good optional cookie class. I imagine there would be more to it than just that but maybe for 4.0 add the option for stateless logins?
Since Sentinel has a stateless method, we can augment/improve that so it could become a tad more flexible.
What I do for this is just see if Sentinel::authenticate returns a user, then put the user principal / id / email into a JWT outside of sentinel and just setcookie().
JWT cannot be destroyed like a cookie or PHP session, so really just make it afterward.
ah, it means we need to set it outside of sentinel. Well, guess need to add some middleware then, As a suggestion, maybe it can be improved, as @8633brown and @brunogaspar said, to make it more flexible by adding an option for stateless login. Thanks :)
Hello, I've been using Cartalyst/Sentinel to handle auth process of my project. Recently I shift some architecture of my website to use API/microservice at some part. What I like to do is using JWT when making API Request. Is there any option to put a JWT Cookie after a user successfully log in and authenticate?
Thank you