Open pandeptwidyaop opened 5 years ago
@tymondesigns I am having the very same issue. any help on this would be very much appreciated. I am using version 0.5 in an app built with Laravel 5.3 and it has a key user
in JWTconfig file but that key doesn't work for me in Laravel 5.8. I am using version dev-develop#f72b8eb as 1.0.0-rc.3.2
as mention on an issue #1765
You are using that middleware twice - once in router, second time in controller itself. Either remove middleware group from router - because you have it in controller constructor, or use that route outside of that group.
Any update or solution on this... I am facing similar issue
MCFreddie777 you are right, thanks!!
I encountered this error (although my default guard was 'web') and it turned out my token, passed as a param, was wrapped in quotes thereby preventing authentication. I removed the quotes before making the request and authentication worked as expected.
I just had this exact same scenario when testing a copy of the web app.
Login would return the token, but any subsequent call to a guarded route resulted in Unauthenticated
.
Running php artisan jwt:generate
created JWT_SECRET on .env and all was good.
I just had this exact same scenario when testing a copy of the web app. Login would return the token, but any subsequent call to a guarded route resulted in
Unauthenticated
.Running
php artisan jwt:generate
created JWT_SECRET on .env and all was good.
Hi, I'm using the same way "jwt:secret" , but still get 401 Unauthorized , anyone can help? It can run on my localhost , but I put it into gcp then turns 401 ... someone can help?
I have laravel v7 and jwt v1.0.0 same issue
Route::group([ 'middleware' => 'api', 'prefix' => 'auth' ], function ($router) {
Route::post('login', 'AuthController@login');
Route::post('register', 'AuthController@register');
Route::post('update', 'AuthController@update');
Route::post('logout', 'AuthController@logout');
Route::post('refresh', 'AuthController@refresh');
Route::post('me', 'AuthController@me');
});
Subject
I have followed all the steps in the JWT documentation, when I login and get access_token and try to access the route I always get an Unauthenticated message.
Environment
Q A Bug? no New Feature? no Framework Laravel Framework version 5.7.25 Package version 1.0.0-rc.3 PHP version 7.2.10
api.php
Route::group(['prefix' => 'auth'], function($q){ Route::post('login','AdminController@login'); Route::post('me','AdminController@me'); });
config/auth.php
'defaults' => [ 'guard' => 'api', 'passwords' => 'users', ], 'guards' => [ 'web' => [ 'driver' => 'session', 'provider' => 'users', ], 'api' => [ 'driver' => 'jwt', 'provider' => 'admin', ], ], 'providers' => [ 'user' => [ 'driver' => 'eloquent', 'model' => App\User::class, ], 'admin' => [ 'driver' => 'eloquent', 'model' => App\Admin::class, ], ],
Admin Model
<?php namespace App; use Tymon\JWTAuth\Contracts\JWTSubject; use Illuminate\Database\Eloquent\Model; use Illuminate\Foundation\Auth\User as Authenticatable; class Admin extends Authenticatable implements JWTSubject { public $incrementing = true; protected $table = 'admin'; protected $hidden = [ 'password', 'remember_token', 'is_active' ]; public function getJWTIdentifier() { return $this->getKey; } public function getJWTCustomClaims() { return []; } }
AdminController
class AdminController extends Controller { public function __construct() { $this->middleware('auth:api', ['except' => ['login']]); } public function login() { $credentials = ['email' => request('email'), 'password' => request('password'), 'is_active' => 1]; if (! $token = auth()->attempt($credentials)) { return response()->json(['error' => 'Unauthorized'], 401); } return $this->respondWithToken($token); } public function me() { return response()->json(auth()->user()); } public function logout() { auth()->logout(); return response()->json(['message' => 'Successfully logged out']); } public function refresh() { return $this->respondWithToken(auth()->refresh()); } protected function respondWithToken($token) { return response()->json([ 'user' => auth()->user(), 'token' => $token, 'token_type' => 'bearer', 'expires_in' => auth()->factory()->getTTL() * 60 ]); }
PostMan
{ "message": "Unauthenticated." }
I am facing same issue. were you able to get it resolved? i need help
Subject
I have followed all the steps in the JWT documentation, when I login and get access_token and try to access the route I always get an Unauthenticated message.
Environment
Q A Bug? no New Feature? no Framework Laravel Framework version 5.7.25 Package version 1.0.0-rc.3 PHP version 7.2.10
api.php
Route::group(['prefix' => 'auth'], function($q){ Route::post('login','AdminController@login'); Route::post('me','AdminController@me'); });
config/auth.php
'defaults' => [ 'guard' => 'api', 'passwords' => 'users', ], 'guards' => [ 'web' => [ 'driver' => 'session', 'provider' => 'users', ], 'api' => [ 'driver' => 'jwt', 'provider' => 'admin', ], ], 'providers' => [ 'user' => [ 'driver' => 'eloquent', 'model' => App\User::class, ], 'admin' => [ 'driver' => 'eloquent', 'model' => App\Admin::class, ], ],
Admin Model
<?php namespace App; use Tymon\JWTAuth\Contracts\JWTSubject; use Illuminate\Database\Eloquent\Model; use Illuminate\Foundation\Auth\User as Authenticatable; class Admin extends Authenticatable implements JWTSubject { public $incrementing = true; protected $table = 'admin'; protected $hidden = [ 'password', 'remember_token', 'is_active' ]; public function getJWTIdentifier() { return $this->getKey; } public function getJWTCustomClaims() { return []; } }
AdminController
class AdminController extends Controller { public function __construct() { $this->middleware('auth:api', ['except' => ['login']]); } public function login() { $credentials = ['email' => request('email'), 'password' => request('password'), 'is_active' => 1]; if (! $token = auth()->attempt($credentials)) { return response()->json(['error' => 'Unauthorized'], 401); } return $this->respondWithToken($token); } public function me() { return response()->json(auth()->user()); } public function logout() { auth()->logout(); return response()->json(['message' => 'Successfully logged out']); } public function refresh() { return $this->respondWithToken(auth()->refresh()); } protected function respondWithToken($token) { return response()->json([ 'user' => auth()->user(), 'token' => $token, 'token_type' => 'bearer', 'expires_in' => auth()->factory()->getTTL() * 60 ]); }
PostMan
{ "message": "Unauthenticated." }
I am facing same issue. were you able to get it resolved? i need help
yes , I solved ! I put token in url parameters , like "http://xxx.com?token=
As mentioned above a solution that works for me is to send the token: "http://xxx.com?token=" Now there must be a solution to send it by bearer token
@sbalex27 I would suggest the following if you want to make use of the Authorization header Bearer token:
$input = [ 'email' => $request->getUser(), 'password' => $request->getPassword() ];
To login and receive the JWT token: $token = auth($guard)->attempt($input)
($guard
is needed when you make use of multi guard auth models)
I just had this exact same scenario when testing a copy of the web app. Login would return the token, but any subsequent call to a guarded route resulted in
Unauthenticated
. Runningphp artisan jwt:generate
created JWT_SECRET on .env and all was good.Hi, I'm using the same way "jwt:secret" , but still get 401 Unauthorized , anyone can help? It can run on my localhost , but I put it into gcp then turns 401 ... someone can help?
Same issue
Acabei de ter exatamente o mesmo cenário ao testar uma cópia do aplicativo da web. O login retornaria o token, mas qualquer chamada subsequente para uma rota protegida resultaria em
Unauthenticated
. A execuçãophp artisan jwt:generate
criou JWT_SECRET em .env e tudo estava bem.Olá, estou usando o mesmo caminho "jwt:secret" , mas ainda recebo 401 Unauthorized , alguém pode ajudar? Ele pode rodar no meu localhost, mas eu coloco no gcp e dá 401... alguém pode ajudar?
Mesmo problema Bom, pra todos que estão tendo esse problema, uma coisa que pode funcionar é remover o construtor do AuthController. Pois se vc já está colocando aquela rota protegido pelo middleware no arquivo de rotas. Se Fizer isso em dois lugares (nas rotas e no controller) o laravel não irá entender.
You are using that middleware twice - once in router, second time in controller itself. Either remove middleware group from router - because you have it in controller constructor, or use that route outside of that group.
This worked flawlessly. Thanks.
Subject
I have followed all the steps in the JWT documentation, when I login and get access_token and try to access the route I always get an Unauthenticated message.
Environment
api.php
config/auth.php
Admin Model
AdminController
PostMan