-
-
Notifications
You must be signed in to change notification settings - Fork 1.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Remember Me and Forgot Password functionality in JWT Auth #261
Comments
JWT is not responsible for this; it provides "stateless authentication" for a User but the actual authentication is still handled by Laravel under water. |
@mirague Thanks for the reply. I have: And as per laravel, I need Auth::attempth and pass remember flag. SO how this is possible using JWT Auth? |
The client needs to store the token locally, in for example a cookie or local storage. This is the API-endpoint I use in one of my projects. With the client I
|
Thanks a lot for the reply @mirague. My authenticate function is just same like yours. But I need something like this, public function authenticate(Request $request)
|
Hi, this library is awesome. attempt(array $credentials = [], array $customClaims = []) It can be used to make the call as said in the docs? http://laravel.com/docs/5.0/authentication#authenticating-users if (Auth::attempt(['email' => $email, 'password' => $password], $remember))
{
// The user is being remembered...
} |
did anyone fix this functionality? |
Your API doesn't store the session (at least it shouldn't), that is where the "remember" information would be stored. JWTAuth validates username and password only and then generates a token to send back. If you want your client application to remember the user, you have to store the token in a permanent cookie or local storage for your client application to look for and then skip the login page if found. I would also add in some method to validate the token before letting them into the site before they get an error that the token is invalid. |
@shraddhabanerjee 1) About Remember MeWhat you can do is use the JWTAuth and set time to expire to a really long time if the user selects Remember Me .. that way the token will not expire and you can reuse the token anytime , you don't have to ask the user to log in again. 2)About Forgot PasswordJWTAuth has got nothing to do with forgot password , you will have write code by yourself to handle if the user cannot remember the password . peace |
@harshitdkanodia Still stuck with remember me functionality. Either you can use JWT Auth or Laravel Auth. So Laravel Auth attempt function provides $remember flag for remember me functionality, but in JWT Auth its not possible. Will try to use the solution you have mentioned and get back. |
@harshitdkanodia, thanks for the reply, I understand your reasoning with the first bullet point, and will be sure to follow your advice. |
@harshitdkanodia I couldn't find a way to increase expiry time for particular user. Can you guide me on that? |
@evivz if you read the documentation, you can set your custom claims. $customClaims = ['exp' => date('Y-m-d', strtotime('+2 week'))]; $token = JWTAuth::attempt($credentials, $customClaims) |
This is accurate for 0.5.x, but in 1.0.x, the There are couple ways to do this (the common solution is to call // inside your User class:
public function getJWTCustomClaims() {
if ($this->can('use-extended-token-timelines')) {
$expiration = Carbon::now('UTC')->addWeeks(2)->getTimestamp();
return ['exp' => $expiration];
}
return [];
} (This is an example I took from an actual project to give more context. The |
Hey! |
This library exclusively supports Laravel at the moment. I suspect it would be a very great challenge to get it to work in CakePHP... (Also AFAIK, Cake doesn't have a built-in password reset) |
Hi @shraddhabanerjee, could you please share your code for the forgot password functionality, I am implementing the same thing in laravel and angularjs using JWTAuth. |
I used this tutorial to use JWT in cake : |
@majdichaabene Ouch 👍 @shraddhabanerjee to the rescue |
@shraddhabanerjee I am also implementing the forgot password functionality usingJWT Auth with Laravel api and angular js UI. Could you please share the code. |
There is a great tuto for the FOrgot Password with Lumen 6 https://medium.com/@nbulian/lumen-6-laravels-reset-passwords-b5157d2d4717 |
Hi,
I have used JWT Auth for logging in my users to the application. But there is no information about how to give facility to users to remember them on the site and how to reset password when password is forgotten. There are ways to do this with laravel inbuilt authentication, but cant figure out how to do the same with JWT Auth. Does JWT Auth use Auth\Guard.php or is there anything else I need to change.
Thanks in advance! :)
The text was updated successfully, but these errors were encountered: