search

dingo / api

A RESTful API package for the Laravel and Lumen frameworks.
BSD 3-Clause "New" or "Revised" License
9.33k stars 1.25k forks source link

Different Output on jwt.auth and api.auth Middleware #1546

Closed erayaydin closed 5 years ago

erayaydin commented 6 years ago
Q A
Bug? no
New Feature? no
Framework Larave
Framework version 5.6.16
Package version v2.0.0-alpha1
PHP version 7.2.4

Actual Behaviour

My routes/api.php file

$api->group(['middleware' => 'api.auth'], function(Router $api){
...
}

Throw 500 error code when there is no "Token" header, different from JWT's output

{
    "message": "Type error: Argument 1 passed to Symfony\\Component\\HttpKernel\\Exception\\UnauthorizedHttpException::__construct() must be of the type string, null given, called in /vendor/dingo/api/src/Auth/Auth.php on line 113",
    "status_code": 500,
    "debug": {
        "line": 26,
        "file": "/vendor/symfony/http-kernel/Exception/UnauthorizedHttpException.php",
        "class": "Symfony\\Component\\Debug\\Exception\\FatalThrowableError",
       ...
     }
}

When using jwt.auth instead of api.auth middleware, its output:

{
    "message": "Token not provided",
    "status_code": 401,
    "debug": {
        "line": 52,
        "file": "/vendor/tymon/jwt-auth/src/Http/Middleware/BaseMiddleware.php",
        "class": "Symfony\\Component\\HttpKernel\\Exception\\UnauthorizedHttpException",
        ...
     }
}

Expected Behaviour

I expect JWT's token not provided output

{
    "message": "Token not provided",
    "status_code": 401,
    "debug": {
        "line": 52,
        "file": "/vendor/tymon/jwt-auth/src/Http/Middleware/BaseMiddleware.php",
        "class": "Symfony\\Component\\HttpKernel\\Exception\\UnauthorizedHttpException",
        ...
     }
}

Steps to Reproduce

I using web guard for default because of API+Web using in project. I changed web to api from config/auth.php still same output happen. Not related with this issue.

There is no header in Postman(testing with it)

Possible Solutions

For now, I fix with using jwt.auth instead of api.auth. But its show "Not Protected" in php artisan api:routes

+------+----------+--------------------+---------------------------+---------------------------------------------------------------+-----------+------------+----------+------------+
| Host | Method   | URI                | Name                      | Action                                                        | Protected | Version(s) | Scope(s) | Rate Limit |
+------+----------+--------------------+---------------------------+---------------------------------------------------------------+-----------+------------+----------+------------+
|      | POST     | /api/auth/me | api.v1.auth.me      | Foo\AuthController@me                | No        | v1         |          |            |

I want use api.auth because I expect this output when I use php artisan api:routes

+------+----------+--------------------+---------------------------+---------------------------------------------------------------+-----------+------------+----------+------------+
| Host | Method   | URI                | Name                      | Action                                                        | Protected | Version(s) | Scope(s) | Rate Limit |
+------+----------+--------------------+---------------------------+---------------------------------------------------------------+-----------+------------+----------+------------+
|      | POST     | /api/auth/me | api.v1.auth.me      | Foo\AuthController@me                | Yes        | v1         |          |            |
shibby commented 6 years ago

Having same issue. Up.

erayaydin commented 6 years ago

Usage of v2.0.0-alpha2 fix the problem. It should added to other tags.

"require": {
        "dingo/api": "2.0.0-alpha2",
}

@shibby iyi çalışmalar :smile: