tymondesigns / jwt-auth

🔐 JSON Web Token Authentication for Laravel & Lumen
https://jwt-auth.com
MIT License
11.23k stars 1.55k forks

Exception Handler Token Expired #1568

Open vsilva472 opened 6 years ago

vsilva472 commented 6 years ago

JWT does not return TokenExpiredException

I'm trying to return a 419 response to the client side in case the token has expired, but I think the Tymon\JWTAuth\Exceptions\TokenExpiredException is never instantiated at App\Exceptions\Handler.

Your environment

| Q | A |
| --- | --- |
| Bug? | maybe |
| New Feature? | no |
| Framework | Laravel |
| Framework version | 5..6 |
| Package version | 1.0.0-rc.2 |
| PHP version | 7.1.15 |

Steps to reproduce

- Install the JWT package with the version described above

Expected behaviour

A log entry at storage\logs\laravel.log [2018-05-09 13:35:41] local.INFO: Tymon\JWTAuth\Exceptions\TokenExpiredException

Actual behaviour

A log entry at storage\logs\laravel.log [2018-05-09 13:35:41] local.INFO: Illuminate\Auth\AuthenticationException

newaeonweb commented 6 years ago

Same problem here.

gavinliu6 commented 6 years ago

Same problem here.

s00d commented 6 years ago

Same problem here.

stefanocurnis commented 5 years ago

Same problem here.

Bogardo commented 5 years ago

The TokenExpiredException is in fact thrown. In the case that the token is expired but can be refreshed: https://github.com/tymondesigns/jwt-auth/blob/develop/src/Claims/Expiration.php#L31

In the case that the token is expired and cannot be refreshed: https://github.com/tymondesigns/jwt-auth/blob/develop/src/Claims/IssuedAt.php#L59

But the exceptions in both instances are caught and ignored; only false is returned by the check() method: https://github.com/tymondesigns/jwt-auth/blob/develop/src/JWT.php#L151

```php
/**
 * Check that the token is valid.
 *
 * @param  bool  $getPayload
 *
 * @return \Tymon\JWTAuth\Payload|bool
 */
public function check($getPayload = false)
{
    try {
        $payload = $this->checkOrFail();
    } catch (JWTException $e) {
        return false;
    }
    return $getPayload ? $payload : true;
}
```

napoleon-na commented 5 years ago

Hello, I faced the same problem and resolved it by overriding the authenticate method in the middleware. This might not be a good solution though; I hope it helps someone.

```php
protected function authenticate($request, array $guards)
{
    if (empty($guards)) {
        $guards = [null];
    }

    foreach ($guards as $guard) {
        if ($this->auth->guard($guard)->check()) {
            return $this->auth->shouldUse($guard);
        } elseif ($guard == 'api') {
            // check() returning false means a JWTException was thrown;
            // checkOrFail() lets that exception propagate instead
            return $this->auth->guard($guard)->checkOrFail();
        }
    }

    throw new AuthenticationException(
        'Unauthenticated.', $guards, $this->redirectTo($request)
    );
}
```

ogisusu commented 5 years ago

I also faced the same problem and solved it as follows.

Route::get('me', 'ApiController@me')->middleware('jwt:auth');

I changed the middleware from "auth:api" to "jwt:auth".

dhcmega commented 5 years ago

@ogisusu Hi, how is your auth file? Because your solution gave me a "class not found".

jampack commented 5 years ago

@dhcmega it's a middleware, so you need to register it first

dhcmega commented 4 years ago

@ogisusu please let me know which middleware you were using.

I have 'auth' => \App\Http\Middleware\Authenticate::class registered, that's why I have 'auth:api' for my routes. It doesn't matter if I use jwt or auth, the important thing (I think) is the middleware actually used.

Thanks!

dhcmega commented 4 years ago

@napoleon-na please let me know how you handled the response, as using your fix triggers an exception that is never caught and the status code is 500, not 401 nor 419. Thanks!

Edit: I have for now caught it at Handler::render.
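
The behaviour discussed in this thread, as an added stand-alone example (not code from the thread or from jwt-auth): `check()` hides the expiry reason so the handler can only answer with a generic status, while calling `checkOrFail()` lets the handler tell an expired token apart. `FakeGuard` and `statusFor` are hypothetical stand-ins, the 401/419 mapping is an assumption based on the status codes mentioned above, and PHP 8 is assumed.

```php
<?php
// Stand-in classes modelling the behaviour described in this thread (not library code).
class JWTException extends Exception {}
class TokenExpiredException extends JWTException {}
class AuthenticationException extends Exception {}

class FakeGuard
{
    public function __construct(private int $exp, private int $now) {}
    // Like checkOrFail(): reports the specific reason by throwing.
    public function checkOrFail(): bool
    {
        if ($this->now >= $this->exp) {
            throw new TokenExpiredException('Token has expired');
        }
        return true;
    }
    // Like the check() quoted in the thread: any JWTException becomes false.
    public function check(): bool
    {
        try {
            return $this->checkOrFail();
        } catch (JWTException $e) {
            return false;
        }
    }
}

// Middleware step and Handler::render step in one hypothetical function.
// $strict = false is the stock path; true adds the checkOrFail() call
// from the middleware override posted in the thread.
function statusFor(FakeGuard $guard, bool $strict): int
{
    try {
        if (!$guard->check()) {
            if ($strict) {
                $guard->checkOrFail(); // throws the original JWTException
            }
            throw new AuthenticationException('Unauthenticated.');
        }
        return 200;
    } catch (TokenExpiredException $e) { // handler: expired token
        return 419;
    } catch (JWTException | AuthenticationException $e) { // handler: anything else
        return 401;
    }
}

$expired = new FakeGuard(1000, 2000); // constructed timestamps: exp < now
printf("stock: %d, with checkOrFail(): %d\n", statusFor($expired, false), statusFor($expired, true));
```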

stale[bot] commented 3 years ago

Is this still relevant? If so, what is blocking it? Is there anything you can do to help move it forward?

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs.