New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Can't get token with Laravel 6.0 and jwt-auth 1.0.0-rc.5 when trying to authenticate #1880
Comments
Looks like I don't find any sign of password hashing in I'm able to authenticate the user just fine, using the quick start guide |
Hello ianMustafa. Thank you for your answer. Password is hashed in the User class by defining a setter. Please see code below. `<?php namespace App; use Hash; class User extends Authenticatable implements JWTSubject
} |
Having the same issue with Laravel 6.3.0. |
I just upgraded one of our projects to Laravel 6.3, we have millions of tests and haven't had any auth issues at all, so I find it highly unlikely there's a specific problem with this package. I don't see any problems in your code, and I even tried it locally (we do our auth a bit different), and it works fine. Really not sure what the underlying issue for you is, but it's gonna be something weird ! If your project is public, feel free to link to the repo and we can have a closer look. Only other question I was gonna ask I guess is how closely you debugged this. Why are you returning just the token and not a json response containing the token as well? Looks a bit weird. |
@specialtactics Thank you for offering to help fix the issue. I haven't written tests for the project yet, but here's the repo link.
I am returning the token in a json response along with the bearer and expiration time. |
I have finally understood why it was failing. After registration, the emails were not verified and it requires emails to be verified before login. |
Hello Guys. @tvpeter I'm at work now but will try your solution later at home. Thanks to all. |
I bet you have done what I did and double hashed your password. If you follow the documentation and use the default laravel registration function (which includes password hashing) you will end up double hashing your password by putting this into your User model:
Make sure that you are not hashing your password in your registration controller! |
Hi, I'm using |
@I2C-RoyYou Can you show your controller functions for registration, your config file and your User model? |
Hi @brobey8 ! here's my code: config/auth.php:
AuthController:
routes/api.php:
Both my localhost and server can get token, but server call api/category will get P.s. my .env file has jwt_secret too! |
@I2C-RoyYou I noticed that you have your guards configured like this:
But only your api guard is configured with jwt:
Your default guards should look like this (from the docs):
You may need to go through the docs again, specifically this page: https://jwt-auth.readthedocs.io/en/develop/quick-start/ and make sure your setup is inline with the docs. |
Hi @brobey8 but this website has web login page , user can login to maintain some data, and also provide api , that frontend can get article , so I that the default keep to web ! |
@I2C-RoyYou Have you tried making the api/category requests when the default guard is set to api? |
|
@I2C-RoyYou Have you checked that you are not double hashing your password and made sure that your requests are formatted correctly? What does your user model and registration function look like? |
Hi @brobey8 here is my User.php :
but if I have double hashing problem , why my localhost can work? and if password is wrong, then I can't get the token , right? now my error is I can get the token by login api , but when I add this token to header , my server return |
@I2C-RoyYou does the header look like this?
|
yes~ |
@I2C-RoyYou :( Can you commit your code somewhere so I can have a look? |
sorry , it's company's code , I can't . |
@brobey8 I got a temporary solution , I change token position, put it to url parameters. like doc says , |
Same problem here. I can autenticate the first user I created but not new ones... and they are stored the same way with Hash::make |
I got the same problem too, can't figure the problem out. I have tested the 1.0.0.rc5.1 and still doesn't work for me. What I do is I just followed this tutorial EXACTLY with new laravel project (6.13) but the problem still persists. Does the problem is because of my OS (Windows?), or because the XAMPP? Tutorial Link |
have you try this? I use this and success auth!
|
protected $hidden = [ Remove 'password' from $hidden |
i have same problem ... i do not know why , i have been put the header key |
@I2C-RoyYou Hi,i has been sloved this problem. You can read the wiki from https://github.com/tymondesigns/jwt-auth/wiki/Authentication It tell us , when you login by the api middleware(jwt), and then, if you want to refresh the user's token,you need to parsed the user's token in request headers or in input request params firstly. LOOK AT THIS:
DO NOT READ THE MY CODE, MAY BE HELPFUL TO U:
IMPORTANT : now, you can put the header parma |
Is this still relevant? If so, what is blocking it? Is there anything you can do to help move it forward? This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. |
Token value is always false
Hello. I used jwt-auth 1.0.0-rc.5 to handle authentication with laravel 6.0.
My AuthController code is pasted below.
When registering a new user with the method register in AuthController, I succesfully get a jwt token.
But when trying to athenticate the user I created earlier, token value is always false
`<?php
namespace App\Http\Controllers;
use DB;
use Hash;
use App\User;
use App\RoleUser;
use Illuminate\Http\Request;
class AuthController extends Controller
{
public function authenticate(Request $request)
{
$credentials = $request->only('email', 'password');
}
`
`<?php
return [
];
`
The text was updated successfully, but these errors were encountered: