New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Login with JWT and Web #1669
Comments
you can use middleware web etc for that .And use auth:web middleware for authentication. For part you need jwt use api and auth:api |
@shirshak55 would you be able to provide an example of this? I am trying to achieve the same thing for 2 days now and I can't. For me it all depends on what I put in the /config/auth.php file. if Thanks! |
@LastxTemplar the best option is to put web by default and use middleware api explicitly :) |
hey @shirshak55
Here is my routes/api.php
And here is my ApiAuthController.php
I used With this current setup I am now able to login from the webpage but when trying to login through the API by posting to Now, if I change my
I can now login successfully through the API but if I go to my browser and try to login, I just get redirected to the login page without actually being logged in. It seems to me that the framework does not handle correctly the default values in the Thanks in advance for your help! |
for api route use api guard bro.
Or
Otherwise auth() will use web which don't work with api. I am using web route and jwt is working perfectly Here is my sample authenticate controller
|
Oh wow, this actually worked! Thank you so much!
|
@LastxTemplar $this->middleware('auth:api', ['except' => ['login']]); means the route which is hitting this controller requires authentication with driver api. If not then it throws invalid message. auth('api') means use api based authentication manager so auth('api')->check() means using use api based which you have set
If you dont use anything it uses default guard so auth() means auth('default_guard_name') |
Thanks, makes more sense now :) |
@shirshak55 @LastxTemplar I was stuck at this as welll... but now what happened is I have auth::api() in my middleware. If I pass token the it works fine ... but i have a route whose controller checks if user is authenticated() or not.. If I pass auth:api it will authenticate and I can check for auth() in my controller if I dont pass authorization it blocks it what should I do ? |
@rakeshshubhu pass api middleware so you can use |
Hi, My Friend |
@mratwan Yes saying same if u use default guard as jwt u can use But most people use web as guard so I recomment using By the way we will need to set middleware to api otherwise we may get unexpected result. |
Hi @shirshak55 ! Do you know about error Method Illuminate\Auth\RequestGuard::attempt does not exist ? I think it's related with this thread, I cannot access that method, do you have any solution? I already read it in other thread but no one can fix it. Thanks! |
@athallara check ur config auth file and what is the value? |
@shirshak55 Here it is.. `<?php ] |
it looks good. did u use middleware: api? |
@shirshak yeah sir, I already do that :( |
@athallara hmm can u show me how is ur routes files? |
@shirshak55 here sir, fyi i'ts rest api using lumen 5.8.6 .. is there any different configuration for it? `$router->group([
});` |
do 'middleware' => 'api' //if this commented still doesn't work don't comment that though if u are using api route And |
@shirshak55 thanks sir! it's worked! I don't know why, I already do dump-autoload before but still doesn't work, but it's work this time! Thanks! :) |
why would u use jwt for horizon it should work perfectly on session based
auth
…On Tue, Oct 15, 2019, 3:57 PM François M. ***@***.***> wrote:
Anyone got authentication to work with Laravel Horizon?
// config/horizon.php
'middleware' => ['web', 'jwt.auth'],
// HorizonServiceProvider.php
Gate::define('viewHorizon', function ($user) {
return in_array($user->email, [
***@***.***',
]);
});
I tried getting the user in boot, but auth()->guard()->user() always
returns null.
Thanks.
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#1669?email_source=notifications&email_token=AB5Y4YPEKZGZICW7VJEMNE3QOWJSFA5CNFSM4FWRKMQ2YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOEBIGYEY#issuecomment-542141459>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AB5Y4YIJKV5QWIQZVEWQHADQOWJSFANCNFSM4FWRKMQQ>
.
|
@shirshak55 I'm still having issues even if I'm using the same as what example you have given. I'm getting error in my postman saying Method Illuminate\Auth\SessionGuard::factory does not exist. |
My bad. I just missed to modify this part also 'expires_in' => $this->guard()->factory()->getTTL() * 60 |
@shirshak55 Can you please explain to me sir, why both my login and register function works if excluded on middleware('auth:api')? |
@fingersandmind sir are u using web.php file or api.php file inside routes? By default api uses api middleware and web uses web middleware . So horizon etc can only work on web middle as per as I know. Regarding login u must only use api middleware and do have to configure guards etc properly so it wont collide sir. |
For anyone that wants to handle this better... I used the following. https://medium.com/@JinoAntony/multi-user-api-authentication-using-laravel-jwt-8ae572b0c4cf It does a better job of this by creating a middleware that assigns a guard This way you dont have to change your Auth config only add a provider and then use the assign guard middleware on the route to selectively assign the guard you want to use. Do note the jwt.auth will fail a route that is not authenticated so only use the guard like so
if you have a route that is authenticate with a token you can add on that jwt.auth. This resolves the issue of needing to add the api as default allowing you to use the web frontend and api without issue. |
This solved it for me.. |
Is this still relevant? If so, what is blocking it? Is there anything you can do to help move it forward? This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. |
i have a website and i want to do security with jwt how can i do this with web.php without using api |
Hi there,
until now i use jwt to login in my api. But now i want to use Horizon additionally. To secure the horizon app, i want to use the laravel LoginController. The Login succes, but the auth()->user() is everytime null. Mayby its an conflict with JWT, what can i do?
Cheers
Ralf
The text was updated successfully, but these errors were encountered: