Open vsilva472 opened 6 years ago
Same problem here.
Same problem here.
Same problem here.
Same problem here.
The TokenExpiredException
is in fact thrown.
In the case that the token is expired but can be refreshed:
https://github.com/tymondesigns/jwt-auth/blob/develop/src/Claims/Expiration.php#L31
In the case that the token is expired and cannot be refreshed: https://github.com/tymondesigns/jwt-auth/blob/develop/src/Claims/IssuedAt.php#L59
But the Exceptions in both instances are caught and ignored, only false
is being returned by the check()
method.
https://github.com/tymondesigns/jwt-auth/blob/develop/src/JWT.php#L151
/**
* Check that the token is valid.
*
* @param bool $getPayload
*
* @return \Tymon\JWTAuth\Payload|bool
*/
public function check($getPayload = false)
{
try {
$payload = $this->checkOrFail();
} catch (JWTException $e) {
return false;
}
return $getPayload ? $payload : true;
}
Hello, I faced with same problem and resolved it by overriding authenticate method in middleware. This might not be good solution though, hope to help someone.
protected function authenticate($request, array $guards)
{
if (empty($guards)) {
$guards = [null];
}
foreach ($guards as $guard) {
if ($this->auth->guard($guard)->check()) {
return $this->auth->shouldUse($guard);
} elseif ($guard == 'api') {
// check() returns false means that throws JWTException
return $this->auth->guard($guard)->checkOrFail();
}
}
throw new AuthenticationException(
'Unauthenticated.', $guards, $this->redirectTo($request)
);
}
I also faced the same problem and solved it as follows.
Route::get('me', 'ApiController@me')->middleware('jwt:auth');
I changed the middleware from "auth:api" to "jwt:auth".
@ogisusu Hi, how is your auth file? Because your solution gave me a "class not found".
@dhcmega its a middleware so u need to register it first
@ogisusu please let me know which middleware where you using.
I have 'auth' => \App\Http\Middleware\Authenticate::class
registered, that's why I have 'auth:api'
for my routes.
It doesn't matter if I use jwt
or auth
, the important thing (I think) is the middleware actually used.
Thanks!
@napoleon-na please let me know how you handled the response, as using your fix triggers an exception that is never catched and status code is 500, not 401 nor 419. Thanks!
Edit: I have for now catched it at Handler::render.
Is this still relevant? If so, what is blocking it? Is there anything you can do to help move it forward?
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs.
JWT does not return TokenExpiredException
I'm trying to return a 419 response to client side in case of token expired but i think the Tymon\JWTAuth\Exceptions\TokenExpiredException is never instantiate at App\Exceptions\Handler.
Your environment
Steps to reproduce
-Install JWT package with the version described above
Expected behaviour
A log entry at storage\logs\laravel.log [2018-05-09 13:35:41] local.INFO: Tymon\JWTAuth\Exceptions\TokenExpiredException
Actual behaviour
A log entry at storage\logs\laravel.log [2018-05-09 13:35:41] local.INFO: Illuminate\Auth\AuthenticationException