Closed dennisoderwald closed 10 years ago
The library calls toArray
on the user model which handles the hidden attributes: https://github.com/tappleby/laravel-auth-token/blob/master/src/Tappleby/AuthToken/AuthTokenController.php#L78
Is your model in app/config/auth.php
set to the correct class? (https://github.com/laravel/laravel/blob/v4.1.27/app/config/auth.php#L31)
Hi,
thanks for your fast response!
Yes, of course. My app/config/auth.php is fine.
return array(
/*
|--------------------------------------------------------------------------
| Default Authentication Driver
|--------------------------------------------------------------------------
|
| This option controls the authentication driver that will be utilized.
| This driver manages the retrieval and authentication of the users
| attempting to get access to protected areas of your application.
|
| Supported: "database", "eloquent"
|
*/
'driver' => 'eloquent',
/*
|--------------------------------------------------------------------------
| Authentication Model
|--------------------------------------------------------------------------
|
| When using the "Eloquent" authentication driver, we need to know which
| Eloquent model should be used to retrieve your users. Of course, it
| is often just the "User" model but you may use whatever you like.
|
*/
'model' => 'User',
/*
|--------------------------------------------------------------------------
| Authentication Table
|--------------------------------------------------------------------------
|
| When using the "Database" authentication driver, we need to know which
| table should be used to retrieve your users. We have chosen a basic
| default value but you may easily change it to any table you like.
|
*/
'table' => 'users',
Hrm strange, I will have to test it out this evening.
Ok, thanks!
@tappleby is tested? :)
Sorry about the delay, just tested this on my local copy and the hidden field is working as expected:
User.php
class User extends Eloquent implements UserInterface, RemindableInterface {
protected $hidden = array('password', 'password_raw');
...
}
http POST http://php.dev/l4_1/public/auth username=roger.hamilton98@example.com password=tosser
Response:
{
"token": "eyJpdiI6IlFcL2FCdU5GMjlOaXZHZk1qXC90UHdva1wvM3lyZkVFTisybFdHeWpcL0NuV0VjPSIsInZhbHVlIjoid2crWWprU0xCK3NPdzdaZ3hvMk5FU3Q2dUtiS0VxQmVtSVdmaEVNeVhPMDJkdWVEcnR1ZmpseEVldWV1VTdkRGt4TktjQmxQd1ZKbEIrME1GOXlzODA2K2h2MSt2cWNaTHlJY0NpeEYwaFwvOHVEMzgzRzFTV3pQM21QSTZKeVBEcUpjdEdMNEtcL2o2NVZnMDFGNzZ3SjY3ajQxdFRDRTZlbDllNmNzZjJ1N1E9IiwibWFjIjoiOWVlMmVhN2YxMTEwMTJiMmRhZmI3NjYwN2M5ZWRjYTJhM2U2ZjY2MGZkYjRiNWQwZTRiODcyNDczZDBhNDg0OCJ9",
"user": {
"created_at": "2013-12-14 18:45:39",
"email": "roger.hamilton98@example.com",
"first_name": "roger",
"id": 1,
"last_name": "hamilton",
"picture": "http://api.randomuser.me/0.2/portraits/men/5.jpg",
"updated_at": "2013-12-14 18:45:39"
}
}
Strange - I'll check it again
We defined in User Model 'hidden' (protected), when i call a manual eloquent query the fields are hidden. When i use the auth (POST (store()), i see all fields.