tymondesigns / jwt-auth

🔐 JSON Web Token Authentication for Laravel & Lumen
https://jwt-auth.com
MIT License

Always return Unauthenticated in multiple auth guard #1753

Open pandeptwidyaop opened 5 years ago

pandeptwidyaop commented 5 years ago

Subject

I have followed all the steps in the JWT documentation, when I login and get access_token and try to access the route I always get an Unauthenticated message.

Environment

| Q | A |
| --- | --- |
| Bug? | no |
| New Feature? | no |
| Framework | Laravel |
| Framework version | 5.7.25 |
| Package version | 1.0.0-rc.3 |
| PHP version | 7.2.10 |

api.php

Route::group(['prefix' => 'auth'], function($q){
    Route::post('login','AdminController@login');
    Route::post('me','AdminController@me');
});

config/auth.php

'defaults' => [
        'guard' => 'api',
        'passwords' => 'users',
    ],

'guards' => [
        'web' => [
            'driver' => 'session',
            'provider' => 'users',
        ],

        'api' => [
            'driver' => 'jwt',
            'provider' => 'admin',
        ],
    ],

'providers' => [
        'user' => [
            'driver' => 'eloquent',
            'model' => App\User::class,
        ],
        'admin' => [
            'driver' => 'eloquent',
            'model' => App\Admin::class,
        ],
    ],

Admin Model

<?php

namespace App;

use Tymon\JWTAuth\Contracts\JWTSubject;
use Illuminate\Database\Eloquent\Model;
use Illuminate\Foundation\Auth\User as Authenticatable;

class Admin extends Authenticatable implements JWTSubject
{
    public $incrementing = true;

    protected $table = 'admin';

    protected $hidden = [
        'password', 'remember_token', 'is_active'
    ];

    public function getJWTIdentifier()
    {
        return $this->getKey;
    }

    public function getJWTCustomClaims()
    {
        return [];
    }
}

AdminController

class AdminController extends Controller
{

    public function __construct()
    {
        $this->middleware('auth:api', ['except' => ['login']]);
    }

    public function login()
    {
        $credentials = ['email' => request('email'), 'password' => request('password'), 'is_active' => 1];

        if (! $token = auth()->attempt($credentials)) {
            return response()->json(['error' => 'Unauthorized'], 401);
        }
        return $this->respondWithToken($token);
    }

    public function me()
    {
        return response()->json(auth()->user());
    }

    public function logout()
    {
        auth()->logout();

        return response()->json(['message' => 'Successfully logged out']);
    }

    public function refresh()
    {
        return $this->respondWithToken(auth()->refresh());
    }

    protected function respondWithToken($token)
    {
        return response()->json([
            'user' => auth()->user(),
            'token' => $token,
            'token_type' => 'bearer',
            'expires_in' => auth()->factory()->getTTL() * 60
        ]);
    }
}

PostMan

{
    "message": "Unauthenticated."
}

mubassirhayat commented 5 years ago

@tymondesigns I am having the very same issue. Any help on this would be very much appreciated. I am using version 0.5 in an app built with Laravel 5.3 and it has a key user in the JWT config file, but that key doesn't work for me in Laravel 5.8. I am using version dev-develop#f72b8eb as 1.0.0-rc.3.2, as mentioned in issue #1765.

MCFreddie777 commented 5 years ago

You are using that middleware twice - once in router, second time in controller itself. Either remove middleware group from router - because you have it in controller constructor, or use that route outside of that group.

RahulMaurya02 commented 5 years ago

Any update or solution on this? I am facing a similar issue.

infomanR commented 5 years ago

MCFreddie777 you are right, thanks!!

jwarshaw commented 5 years ago

I encountered this error (although my default guard was 'web') and it turned out my token, passed as a param, was wrapped in quotes thereby preventing authentication. I removed the quotes before making the request and authentication worked as expected.

dv336699 commented 4 years ago

I just had this exact same scenario when testing a copy of the web app. Login would return the token, but any subsequent call to a guarded route resulted in Unauthenticated.

Running php artisan jwt:generate created JWT_SECRET on .env and all was good.

I2C-RoyYou commented 4 years ago

> I just had this exact same scenario when testing a copy of the web app. Login would return the token, but any subsequent call to a guarded route resulted in Unauthenticated.
>
> Running php artisan jwt:generate created JWT_SECRET on .env and all was good.

Hi, I'm using the same way, "jwt:secret", but I still get 401 Unauthorized. Can anyone help? It runs on my localhost, but when I put it on GCP it turns into 401... Can someone help?

jamal-rahimzadegan commented 4 years ago

I have Laravel v7 and jwt v1.0.0, same issue.

satya-kr commented 4 years ago

@pandeptwidyaop Your route should be like this.

Route::group([ 'middleware' => 'api', 'prefix' => 'auth' ], function ($router) {
    Route::post('login', 'AuthController@login');
    Route::post('register', 'AuthController@register');
    Route::post('update', 'AuthController@update');
    Route::post('logout', 'AuthController@logout');
    Route::post('refresh', 'AuthController@refresh');
    Route::post('me', 'AuthController@me');
});

sirkenedy commented 3 years ago

I am facing the same issue. Were you able to get it resolved? I need help.

I2C-RoyYou commented 3 years ago

> I am facing the same issue. Were you able to get it resolved? I need help.

Yes, I solved it! I put the token in the URL parameters, like "http://xxx.com?token=", then all problems were solved! You can try!

sbalex27 commented 3 years ago

As mentioned above, a solution that works for me is to send the token: "http://xxx.com?token=". Now there must be a solution to send it by bearer token.

DebugTheCode commented 3 years ago

@sbalex27 I would suggest the following if you want to make use of the Authorization header Bearer token:

$input = [ 'email' => $request->getUser(), 'password' => $request->getPassword() ];

To log in and receive the JWT token: $token = auth($guard)->attempt($input) ($guard is needed when you make use of multi-guard auth models)
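
A way to check the token-transport problems raised in this thread (a token wrapped in quotes, a header that never arrives, sending the token as a bearer token), as an added example that is not from any commenter or from jwt-auth itself. `diagnoseBearer()`, `b64url()` and the sample token are constructed for illustration; the payload is decoded without verifying the signature, so this is for debugging only.

```php
<?php
// Added diagnostic sketch, not jwt-auth code. diagnoseBearer() is a hypothetical helper.
function diagnoseBearer(?string $authorization): array
{
    if ($authorization === null || trim($authorization) === '') {
        return ['no Authorization header reached PHP'];
    }
    if (!preg_match('/^Bearer\s+(\S.*)$/i', trim($authorization), $m)) {
        return ['header is not in "Bearer <token>" form'];
    }
    $problems = [];
    $token = trim($m[1], "\"'");
    if ($token !== $m[1]) {
        $problems[] = 'token is wrapped in quotes'; // the case reported earlier in the thread
    }
    $parts = explode('.', $token);
    if (count($parts) !== 3) {
        $problems[] = 'token does not have three dot-separated segments';
        return $problems;
    }
    // Inspect the payload WITHOUT verifying the signature: debugging only,
    // never a basis for an authentication decision.
    $b64 = strtr($parts[1], '-_', '+/');
    $b64 .= str_repeat('=', (4 - strlen($b64) % 4) % 4); // restore stripped padding
    $claims = json_decode((string) base64_decode($b64, true), true);
    if (!is_array($claims)) {
        $problems[] = 'payload is not base64url-encoded JSON';
        return $problems;
    }
    if (!isset($claims['sub'])) {
        // jwt-auth fills "sub" from getJWTIdentifier(); null means no user can be looked up.
        $problems[] = '"sub" claim is missing or null';
    }
    if (isset($claims['exp']) && (int) $claims['exp'] <= time()) {
        $problems[] = 'token has expired';
    }
    return $problems;
}

// Constructed sample: unsigned placeholder token with a null "sub".
function b64url(array $a): string { return rtrim(strtr(base64_encode(json_encode($a)), '+/', '-_'), '='); }
$token = b64url(['typ' => 'JWT', 'alg' => 'HS256']) . '.'
       . b64url(['sub' => null, 'exp' => time() + 3600]) . '.constructed-signature';

print_r(diagnoseBearer('Bearer "' . $token . '"')); // quoted token and null "sub"
print_r(diagnoseBearer('Bearer ' . $token));        // null "sub" only
print_r(diagnoseBearer(null));                      // header never arrived
```

In a Laravel route the argument would be `$request->header('Authorization')`. The `?token=` form reported to work above puts the token in the URL, where it is recorded in web server access logs; the header form avoids that.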

Xpressglobe commented 2 years ago

> I just had this exact same scenario when testing a copy of the web app. Login would return the token, but any subsequent call to a guarded route resulted in Unauthenticated. Running php artisan jwt:generate created JWT_SECRET on .env and all was good.

> Hi, I'm using the same way, "jwt:secret", but I still get 401 Unauthorized. Can anyone help? It runs on my localhost, but when I put it on GCP it turns into 401... Can someone help?

Same issue

ProgramacaoEco commented 1 year ago

> I just had this exact same scenario when testing a copy of the web app. Login would return the token, but any subsequent call to a guarded route resulted in Unauthenticated. Running php artisan jwt:generate created JWT_SECRET on .env and all was good.

> Hi, I'm using the same way, "jwt:secret", but I still get 401 Unauthorized. Can anyone help? It runs on my localhost, but when I put it on GCP it turns into 401... Can someone help?

> Same issue

Well, for everyone who is having this problem, one thing that may work is removing the constructor from the AuthController, since you are already protecting that route with the middleware in the routes file. If you do this in two places (in the routes and in the controller), Laravel won't understand.

rzshss commented 10 months ago

> You are using that middleware twice - once in router, second time in controller itself. Either remove middleware group from router - because you have it in controller constructor, or use that route outside of that group.

This worked flawlessly. Thanks.