tymondesigns / jwt-auth

🔐 JSON Web Token Authentication for Laravel & Lumen
https://jwt-auth.com
MIT License

In 1.0.0 alpha3, How can server side make clients know if their token is expired and then refresh them? #844

Open RichardFans opened 8 years ago

RichardFans commented 8 years ago

So how can the server side make clients know if their token is expired and then refresh them? Create a middleware for checking that? In the middleware, use checkOrFail() of the JWT class and catch the exception? Any suggestions? Thanks. Question from #646, and I followed handsome mtpultz's guide from #513.

RichardFans commented 8 years ago

My solution:

```php
namespace App\Http\Middleware;

use Closure;
use Illuminate\Support\Facades\Auth;
use Tymon\JWTAuth\Exceptions\JWTException;
use Tymon\JWTAuth\Exceptions\TokenExpiredException;
use Tymon\JWTAuth\Exceptions\TokenInvalidException;

class Authenticate
{
    public function handle($request, Closure $next, $guard = null)
    {
        if (Auth::guard($guard)->guest()) {
            if ($request->ajax() || $request->wantsJson()) {
                if ($guard == 'admin') {
                    try {
                        $guard = Auth::guard($guard);
                        // Read the token from the request.
                        $token = $guard->call('getToken', []);
                        if (!$token) {
                            // Note: respond() is not defined in this snippet.
                            return $this->respond('tymon.jwt.absent', 'token_not_provided', 400);
                        }
                        // Throws if the token is invalid or expired.
                        $guard->call('checkOrFail', []);
                    } catch (TokenInvalidException $e) {
                        return response(['code' => 1, 'msg' => 'Token is invalid'], 401);
                    } catch (TokenExpiredException $e) {
                        // Expired: try to refresh and hand the new token to the client.
                        try {
                            $newToken = $guard->__call('refresh', []);
                        } catch (TokenExpiredException $e) {
                            return response(['code' => 3, 'msg' => 'Token has expired and can no longer be refreshed'], 401);
                        } catch (JWTException $e) {
                            return response(['code' => 1, 'msg' => 'Token is invalid'], 401);
                        }

                        return response(['code' => 2, 'msg' => 'Token has expired', 'token' => $newToken], 401);
                    } catch (JWTException $e) {
                        return $this->respond('tymon.jwt.invalid', 'token_invalid', $e->getStatusCode(), [$e]);
                    }
                }

                return response('Unauthorized.', 401);
            }

            return redirect()->guest('login');
        }

        return $next($request);
    }
}
```
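An added example, not part of the original thread or the jwt-auth project: a client-side sketch of consuming the 401 bodies returned by the middleware above (codes 1, 2 and 3 are taken from that post). The function names and the injected `fetchImpl` are assumptions made for illustration.

```javascript
// Decide what to do with one response. Pure function, so it is easy to test.
function classifyAuthResponse(status, body) {
  if (status !== 401) return { action: 'pass' };
  const code = body && typeof body === 'object' ? body.code : undefined;
  // code 2: token expired, server refreshed it and sent a replacement.
  if (code === 2 && typeof body.token === 'string' && body.token.length > 0) {
    return { action: 'retry', token: body.token };
  }
  // code 1 (invalid), code 3 (can no longer be refreshed), the plain
  // "Unauthorized." body, or code 2 without a usable token: log in again.
  return { action: 'reauthenticate' };
}

// fetchImpl is injected (assumption) so the client can be tested offline.
function createApiClient(fetchImpl, initialToken) {
  let token = initialToken;
  async function send(url, options) {
    // Accept: application/json makes wantsJson() true in the middleware.
    const headers = { ...(options.headers || {}), Accept: 'application/json',
                      Authorization: `Bearer ${token}` };
    const res = await fetchImpl(url, { ...options, headers });
    let body = null;
    try { body = await res.json(); } catch (_) { /* non-JSON body */ }
    return { res, body };
  }
  return {
    getToken: () => token,
    async request(url, options = {}) {
      let { res, body } = await send(url, options);
      let verdict = classifyAuthResponse(res.status, body);
      if (verdict.action === 'retry') {
        token = verdict.token;                      // replace the expired token
        ({ res, body } = await send(url, options)); // retry exactly once
        verdict = classifyAuthResponse(res.status, body);
      }
      if (verdict.action !== 'pass') {
        token = null;                               // never keep a rejected token
        throw new Error('reauthenticate');
      }
      return body;
    },
  };
}
```

The single retry keeps a misbehaving server from driving the client into a refresh loop, and any other 401 clears the stored token so it is not reused.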

AndyYuenOk commented 7 years ago

Thank you for your solution.