Comments (11)
On a quick not, this happens because Laravel only treats the request as API requests when the header Accept: application/json
is present.
There are some tricks to auto inject this header on each request, but if you are doing a API only project, you won't need it.
Laravel needs to improve the API vs WEB mode, since you need to tweak the ExceptionHandler a bit to avoid redirections and html error pages.
I can help you set that up, but it's not really simple.
I may create a package with that in mind or try to contribute on the official code.
anyway, just me let me know if you need help
from laravel-jwt.
@robmpreston that's on your app middleware doing that.
this package authenticates, when you are trying to access something you should not, the Auth middleware redirects you.
That's something this package does not cover (and also no other does I guess).
I'll create a setup guide about how to handle with that
from laravel-jwt.
I must be confused... The only middleware I have on api is auth. I'm pretty sure when I used tymon's jwt-auth that it returned a 401 when the token was expired?
from laravel-jwt.
but yeah if you could help that'd be great :)
from laravel-jwt.
Check out config/auth.php
There's the default guard there, make sure to change web to API and let me know if the issue remains
from laravel-jwt.
I have guard set to api
under guards I have api driver set to jwt
I removed all middleware in app\Http\Kernel.php other than auth
I tried auth and auth:api
Both 302 redirect
from laravel-jwt.
@robmpreston my bad, just remembered how it wors. I was on mobile so I could not check.
Here's the deal. the auth middleware checks if you are logged in in all available guards.
as you are not in none of them. it throws the Illuminate\Auth\AuthenticationException
Who sends the 302 is the Exception Handler.
on app/Exceptions/Handler, there's this method:
protected function unauthenticated($request, AuthenticationException $exception)
{
if ($request->expectsJson()) {
return response()->json(['error' => 'Unauthenticated.'], 401);
}
return redirect()->guest('login');
}
So you can just remove the expects json part and return json always:
protected function unauthenticated($request, AuthenticationException $exception)
{
return response()->json(['error' => 'Unauthenticated.'], 401);
}
Got it?
from laravel-jwt.
unauthenticated seems to be gone in Laravel 5.5 so I just added it to the render function
from laravel-jwt.
It's just hidden.
The Exception class extends the framework class.
that's what it looks in 5.5
protected function unauthenticated($request, AuthenticationException $exception)
{
return $request->expectsJson()
? response()->json(['message' => 'Unauthenticated.'], 401)
: redirect()->guest(route('login'));
}
see the redirect there, you can just create the method, it will override the parent class one.
from laravel-jwt.
Thanks, all seems good now - got my full refresh flow working with axios.
from laravel-jwt.
Thanks. Please share the word about this package if you found it useful :) thanks
from laravel-jwt.
Related Issues (20)
- Error: KeyGenerateCommand::handle() does not exist HOT 6
- \Illuminate\Auth\Events\Login not firing HOT 8
- Contributing guide HOT 7
- Package autodiscovery HOT 2
- Find user by a combination of parameters or validate token in a different way (possible security issue) HOT 4
- Allow to change secret key before or after Manager initialization HOT 1
- Genarate token for never expirate HOT 3
- Como funciona a função tokenFromUser ?
- Method Codecasts\Auth\JWT\Console\KeyGenerateCommand::handle() does not exist HOT 2
- Redirect to [login] when JWT isn't sent? HOT 6
- Don't forget config:clear!
- Method issue() does not exist. HOT 1
- Decode token HOT 2
- Typo in readme.md? HOT 1
- Adding RS-256/512 JWT signature methods HOT 1
- How to logout/blacklist HOT 5
- manual .env key HOT 1
- Repository abandoned? HOT 2
- Bearer Token and query parameter conflict HOT 1
- Laravel 8 compatibility
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from laravel-jwt.