tymondesigns / jwt-auth Goto Github PK

Hello, as I said before (on twitter), really nice library, does much much more than simply encoding / decoding tokens which is nice, but that leaves more questions in the air, more for me that I just got started with Laravel.

I see that your implementation is very tight to a model (that is not bad eh!), I guess that the UserInterface is the contract needed to make it work.

My question is, what should we do with the User model itself? I know Laravel comes with one but I don't think that User can be used with this library, can it? I guess we need to create one, with our own fields (with some needed fields I guess) and then inherit from this library's UserInterface.

So I ask for an example of an app with a basic API (register/login endpoints and a dummy protected route). The example could wait until you release 0.4 (I am not in a hurry, still learning Laravel).

You can also add a User model example on the README with what the library expects and everybody's happy.

Cheers, keep the good work.

PD: I plan a Laravel + JWT + Angular article for my blog, I thought about creating a minimum JWT implementation, but I am starting to understand this library and I like it.

"tymon/jwt-auth": "dev-master" it is not working:(

i m using laravel 5

I added it to the composer.json file and ran composer update and I got this error:

[RuntimeException] Could not scan for classes inside "app/models" which does not appear to be a file nor a folder

I got a new issue, when i pass the token via query (?token= ...) it brokes the crossdomain setting and i got the no origin allow and bla bla ..

is there a way to resolve this? am i missing something?

Also can you provide an example about the "Authorization: Bearer {yourtokenhere} header" approach?

ty

Hi!

Would be good the token could be purged by some function called JWTAuth::removeToken($token)

Thanks!

Are you storing user token?
I use redis for cache?
Can i see who is online?
It will be good to track last time active user

Can you give me advice.
How to avoid code like "$user = JWTAuth::parseToken()->toUser()"
Is it posible to get something like JWTAuth::getUser()?

Because JWTAuth::parseToken()->toUser() will parse token twice. FIrst in middleware then into controller.

Hi there.

I'm trying to make tests for Authentication part but I'm stuck. Could you provide some info how to mock GetUserFromToken Middleware? Or maybe there is a way to generate token for tests which will always return true for validation and return existing user from database ? Sorry for lack of more info, but I'm still new to Lavarel, phpunit and tdd for php. I have tried Slim framework but could't make tests for it.

If you or anybody reading this have same nice tutorials about mocking middleware and/or database request then please post it here also.

version: 0.5

Hi,

I'm using v0.4.1 and get this error:

tymon/jwt-auth/src/JWTAuth.php line 314
Method [login] does not exist.

My request header is "Authorization: Bearer {access token}'

Hello Tymon!

I'm reading trough the docs and was wondering why there's no mention of the authenticate method.

I would like to use the L5 Auth Guard together with this package.

Hi !! Is it possible to remove a claim from a previously created token? (Or create tokens with different default claims?) If so, how?
For example, I want to have tokens without expiry time. I know I can create a token with custom claims, but in this case I'm doing this:
$token = JWTAuth::fromUser($user);
and that is way easier than:
$customClaims = [(all the default claims except exp)];
$payload = app('tymon.jwt.payload.factory')->make($customClaims);
$token = JWTAuth::encode($payload);

(P.S.: I've managed to remove the 'exp' claim from all tokens by editing the file "PayloadFactory.php", but I think that's not what I'm looking for)

Hello

I have the following problem with a pretty much from-scratch L5 project.
Any idea?

Cheers, Sebi

public function test()
{
    $user = User::find(1);
    $token = JWTAuth::fromUser($user);
    return response()->json($token);
}

ReflectionException in Container.php line 776:
Class tymon.validators.payload.factory does not exist
in Container.php line 776
at ReflectionClass->__construct('tymon.validators.payload.factory') in Container.php line 776
at Container->build('tymon.validators.payload.factory', array()) in Container.php line 656
at Container->make('tymon.validators.payload.factory', array()) in Application.php line 572
at Application->make('tymon.validators.payload.factory') in Container.php line 1231
at Container->offsetGet('tymon.validators.payload.factory') in JWTAuthServiceProvider.php line 226
at JWTAuthServiceProvider->Tymon\JWTAuth\Providers\{closure}(object(Application)) in Container.php line 290
at Container->Illuminate\Container\{closure}(object(Application), array()) in Container.php line 773
at Container->build(object(Closure), array()) in Container.php line 656
at Container->make('tymon.jwt.payload.factory', array()) in Application.php line 572
at Application->make('tymon.jwt.payload.factory') in Container.php line 1231
at Container->offsetGet('tymon.jwt.payload.factory') in JWTAuthServiceProvider.php line 175
at JWTAuthServiceProvider->Tymon\JWTAuth\Providers\{closure}(object(Application)) in Container.php line 290
at Container->Illuminate\Container\{closure}(object(Application), array()) in Container.php line 773
at Container->build(object(Closure), array()) in Container.php line 656
at Container->make('tymon.jwt.manager', array()) in Application.php line 572
at Application->make('tymon.jwt.manager') in Container.php line 1231
at Container->offsetGet('tymon.jwt.manager') in JWTAuthServiceProvider.php line 190
at JWTAuthServiceProvider->Tymon\JWTAuth\Providers\{closure}(object(Application)) in Container.php line 290
at Container->Illuminate\Container\{closure}(object(Application), array()) in Container.php line 773

I update to version 0.4 and when call

JWTAuth::toUser($token)

I have this error

call_user_func_array() expects parameter 1 to be a valid callback, class 'Illuminate\Cache\FileStore' does not have a method 'tags'

The error start at JWTMAnager at line 69.

(FYI, I am testing things on your develop branch.)

In some of my tests, I login as two different users to make sure that things behave properly. I do this like so:

$user = User::find($user_id);
$token = JWTAuth::fromUser($user);
// Store $token for use in subsequent requests

However, the second login never worked. I traced the issue to the JWTAuth@getToken:

    /** 
     * Get the token
     *
     * @return boolean|Token
     */
    public function getToken()
    {   
        if (! $this->token) {
            try {
                $this->parseToken();
            } catch (JWTException $e) {
                return false;
            }
        }

        return $this->token;
    }

I'm sure there's a good reason for the outer if statement if (! $this->token) {, but this is what prevents multiple logins during the same session; if the token is already set, it doesn't reset it.

I worked around this issue in my own code by calling JWTAuth::setToken($token), and this correctly updated the JWTAuth class with the new token for the second user. I'm not sure if this should be classified as a bug, feature, or wontfix, but I thought I'd bring it to your attention just in case.

hi,

I am a bit new to laravel and its terminologies.

I am building an API, and It has a verifyphone method in one of its controllers. like this

$this->middleware('jwt.auth', ['only' => ['verifyphone']]);

If the token is not expired and is valid, everything works fine.

But, if its invalid or expired, what should I do from the API side ? Just throwing the response would be fine ?

If so, what should I do from the API side to refresh the token ?

Thank you for any response.

Hi Sean,

First off let me say this is a great package!

It seems that the RefreshToken middleware does not consider the 'refresh_ttl' but only the 'ttl' config.

For example set the config as (just for testing):

• ttl = 1 minute
• refresh_ttl = 5 mins

I get the new token on every response and use that for the next request which is fine.

But the token can only be used for 1 minute as per the ttl.

I don't want to have the user login again until after 5 mins (as per the refresh_ttl).

What do we need to do to have this work? Have I misunderstood the concept around the refresh_ttl and RefreshToken middleware?

I am trying with JWTAuth::encode();

Argument 1 passed to Tymon\JWTAuth\JWTManager::encode() must be an instance of Tymon\JWTAuth\Payload, array given

Not sure what I'm doing wrong. Been using this great package for about two weeks, but today, the token it issues on login is immediately throwing an "expired" Exception when I next try

$decode = JWTAuth::decode($token);

It seems like I'm using it the same way I have been. What could I be doing wrong?

Thank you,
~Todd

Doesn't look like the package can be installed for the newly released Laravel 5 release.

Your requirements could not be resolved to an installable set of packages.

 Problem 1
- Conclusion: remove laravel/framework v5.0.0

This is with a fresh install of Laravel 5, with no other dependencies defined in Composer except this package.

I just found and followed the explanation in #41 regarding the dev version and could complete the composer installation.

However, whenever I try to run artisan I get the following:

PHP Fatal error:  Class 'Tymon\JWTAuth\JWTAuthServiceProvider' not found in /var/www/example/vendor/laravel/framework/src/Illuminate/Foundation/ProviderRepository.php on line 150
PHP Stack trace:
PHP   1. {main}() /var/www/example/artisan:0
PHP   2. Illuminate\Foundation\Console\Kernel->handle() /var/www/example/artisan:36
PHP   3. Illuminate\Foundation\Console\Kernel->bootstrap() /var/www/example/vendor/laravel/framework/src/Illuminate/Foundation/Console/Kernel.php:88
PHP   4. Illuminate\Foundation\Application->bootstrapWith() /var/www/example/vendor/laravel/framework/src/Illuminate/Foundation/Console/Kernel.php:191
PHP   5. Illuminate\Foundation\Bootstrap\RegisterProviders->bootstrap() /var/www/example/vendor/laravel/framework/src/Illuminate/Foundation/Application.php:167
PHP   6. Illuminate\Foundation\Application->registerConfiguredProviders() /var/www/example/vendor/laravel/framework/src/Illuminate/Foundation/Bootstrap/RegisterProviders.php:15
PHP   7. Illuminate\Foundation\ProviderRepository->load() /var/www/example/vendor/laravel/framework/src/Illuminate/Foundation/Application.php:439
PHP   8. Illuminate\Foundation\ProviderRepository->compileManifest() /var/www/example/vendor/laravel/framework/src/Illuminate/Foundation/ProviderRepository.php:59
PHP   9. Illuminate\Foundation\ProviderRepository->createProvider() /var/www/example/vendor/laravel/framework/src/Illuminate/Foundation/ProviderRepository.php:115
  [Symfony\Component\Debug\Exception\FatalErrorException]  
  Class 'Tymon\JWTAuth\JWTAuthServiceProvider' not found   

I am running:

PHP 5.4.6
LinuxMint 14
Composer 1.0-dev

I am not sure what additional info might be helpful.

I am new to Laravel so I am sorry if this is the typical noob question.

GetUserFromToken middleware could return 401 status code not 400 on token not provided:

if (! $token = $this->auth->setRequest($request)->getToken()) {
    return $this->respond('tymon.jwt.absent', 'token_not_provided', 401);
}

Technically it could be considered a 400 bad request for jwt_auth seeing as there is data missing / not as expected, but seeing as the intention is usually to check if the user is authenticated / authorised or not then 401 could be more appropriate?

Trivial I know, but having it implemented this way would help with intercepting the response and redirecting users, without having to check the message also, example from angular:

if (response.status === 401) {
    $location.path('/login');
}

Do you have any plans to make this awesome package compatible with Laravel 5 while it still in development?

Hello.
When I use JWTAuthMiddleware in routing the following exception throws:

call_user_func_array() expects parameter 1 to be a valid callback, class 'Illuminate\Cache\FileStore' does not have a method 'tags'

I read the same issue.
It's because I use a file cache driver. The same thing for database cache driver.
What should I use for cache driver?
When I set it to array, I get a token once more, but the 'user_not_found' error occurred.

Package versions:
laravel/framework v5.0.2
tymon/jwt-auth dev-laravel-5

Thank you.

I need to logout and remove the token from session. How can I do this?

I'm test the authentication with Postman, when I send the token as querystring work, but as Authorization header not.

There is a problem with my header config?

Thanks

hey when im trying to do this:
public function postLogin()
{
$credentials = Input::only('email', 'password');

    if ( ! $token = JWTAuth::attempt($credentials) )
    {
        // return 401 error response
    }

    return Response::json(compact('token'));
}

the respone that i get is this:
php artisan jwt:generate{"token":"eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJodHRwOlwvXC9sb2NhbGhvc3RcL2FuZ3VMYXJhdmVsJTIwYm9pbGVycGxhdGVcL3B1YmxpY1wvYXV0aFwvbG9naW4iLCJzdWIiOjMsImlhdCI6MTQxNDY2NzgxMywiZXhwIjoxNDE0NzU0MjEzfQ.bv5C1S67EkifKD_LOKElaow9F1Vmoy3muw0rGyh3iFc"}

from where the php artisan coming!?

Please add an event to inject auth into controllers in routes.php, as described in
http://laravel.io/forum/05-04-2014-add-additional-filter-class-to-composer-package
The simplified example below could be moved into an event

If you implement this as documentation instead, please add info on expiring & refreshing tokens.

  Route::group(array('prefix' => '/api/v1')), function() {   //add 'before' => 'myEvent'
    $payload = Input::get('auth_token');
    if ($payload) {
        try {
            $user = JWTAuth::toUser($payload);
            if ($user) {
                Auth::setUser($user);
                //Add your sensitive pages here
                Route::controller('companies', 'ProtectedController');
            }
        } catch (Exception $ex) {
            Log::notice("Auth token failure $payload", [__FILE__, __LINE__]);
            //Dumping $ex will cause an out of memory exception
        }
    }
  });

Hi,

After installing the 0.5.0 version of jwt-auth in my Laravel 5 project.
I get the error

FatalErrorException in AuthController.php line 18:
Class 'App\Http\Controllers\Api\JWTAuth' not found

when I access my route.

Here is my code in the controller:

<?php namespace App\Http\Controllers\Api;

use App\Http\Requests;
use App\Http\Controllers\Api\ApiController;

use Tymon\JWTAuth\Exceptions\JWTException;

use Illuminate\Http\Request;

class AuthController extends ApiController {

    public function login(Request $request)
    {
        $credentials = $request->only('email', 'password');

        try {
            // attempt to verify the credentials and create a token for the user
            if (! $token = JWTAuth::attempt($credentials)) {
                return response()->json(['error' => 'invalid_credentials'], 401);
            }
        } catch (JWTException $e) {
            return response()->json(['error' => 'could_not_create_token'], 500);
        }

        return response()->json(compact('token'));
    }
}

I did follow the wiki, and added the provider and alias

What about refresh token?

I m using angular and i want to refresh token. How to do this?

Hi, first: you're doing an awesome job!!... I've implemented your 0.3.12 version successfully with L4.2 (in development enviroment), but I see that your next release will have new features and awesome things, so I wonder, are you going to release the new version soon? can I use it safely before release? or should I stay with 0.3.12? I'd like to implement 0.4 in my production enviroment... thanks for your time and dedication in this package!

In the meantime you release a new version, I am playing with it (v0.3.x on Laravel 4.x) and since I am not really a Laravel user, I am having a harsh time creating the user model.

I deleted the default one (because it is too tied to session auth) and I created one which inherits from Eloquent, something dummy:

<?php

use Illuminate\Support\Facades\Hash;

class User extends \Eloquent
{
    protected $table = 'users';

    protected $fillable = ['username', 'password'];

    public function setPasswordAttribute($password)
    {
        $this->attributes['password'] = Hash::make($password);
    }
}

And when I attempt to validate those credentials it needs the UserInterface from Laravel so I guessed I needed to implement that in my model, but that would need me to create my User with a remember me token (something we don't need with JWT).

So what should I do with my user? I rerereread the README hundred of times but you missed the part where we create the model.

Hello,

I would like to know if you can give a little hand here. Im using your package (L5 branch) to secure some of my API uri's.
So now decided to dive in the testing world(nood here) and I can't seem to get this right when testing a protected uri.

$this->call('GET', 'v1/me', [], [], [], ['HTTP_Authorization' => 'Bearer <token here>' ]);

If I hard code the token in the call method it works fine but off course I first wanna get a User from my testing DB and then generate a token to pass it the call method(if this even make sense for a test)

Do you have a small example on how to this or point me in some direction?

Thanks in advance,
Helder

Hi,

I'm trying to combine jwt-auth with regular session based auth such that if either are present/valid the user is allowed through.

I've created a custom filter to do this since I don't think this is something I could do out of the box (but please correct me if i'm wrong, I would love not to have to do this ;) ).

Everything seems to working fine, I can check if either a session is authenticated or a token is valid but when a token isn't valid, but is supplied, i'm having trouble determining why it failed.

Specifically i'm having trouble figuring out when a TokenExpiredException is ever thrown.

For reference this is how i'm checking, its essentially the same as your JWTAuthFilter but i'm suppressing the exceptions in case another source of authentication proves correct. The check to see if a user is authenticated using a token is this:

https://gist.github.com/felnne/67851ee22a7681e43352
(I assumed the gist would be auto-embedded somehow but I guess not! Sorry for the extra click).

Note: I haven't added the extra checks for checking the user etc. that's to come.

If I try to go to a route using my filter, but without the switch statement for the JWTEception catch, I will get an error that the token is invalid. If I dd() the exception it says the token has expired.

I would assume in such cases the TokenExpiredException would be thrown instead? If not when is that used? I had a quick look through the code and found a call to that exception in a validator class, but i'm afraid I gave up looking after going up a couple of levels.

I copied the try/catch structure from your filter, so I assume that's not the problem. My workaround works and can tell the difference between an expired token and an invalid token, but i'm curious why the 'wrong' exception is thrown at all.

I tried using your filter but I get the same error, "invalid token" rather than anything about validity.

Could you help clarify this for me?

Thanks,

Felix

I need advice. We are building ios app so i have question about refreshing tokens.
we use 3 minute token exp. What is the best way to buid refresh token functionality

Does Client need to go for new token each 3 minute if i set token exp 3 min.
Or just use refrestoken middleware and send each request with new token?
Or create listener on ios side and in 2:40 min and sec go for new token with stored username and pass into client app?

Thanks.

sorry to ask this here!

I've seen you have created a file named IlluminateAuthAdapter.php, I wanted to know how could I accomplish having a SentryAuthAdapter.php file

thanks dear

Hi,

Thanks for the great package! The only thing I found different so far is the command to publish config file in Laravel 5.0. You have to do:

php artisan publish:config tymon/jwt-auth

I've created a barebones controller that has the demo code in to fetch a user from a token, but i'm getting an error 'Call to a member function toUser() on boolean' when I try to run the toUser() method.

My code to replicate:

try
    {
        $user = JWTAuth::parseToken()->toUser();
    }
    catch(Tymon\JWTAuth\Exceptions\TokenExpiredException $e)
    {
        // token has expired
        return Response::json(['error' => 'token_expired'], 401);
    }

    if (! $user)
    {
        // user not found
        return Response::json(['error' => 'user_not_found'], 404);
    }

    dd($user);

tymon,
i am using mutli auth package.
https://github.com/ollieread/multiauth

for now, i have to edit AuthManager to MultiManager manually in auth files if got update version

The service provider forces injecting Illuminate\Auth\AuthManager into whatever custom AuthAdapter you may have defined, by passing $app['auth'] as a parameter below.

        $this->app['tymon.jwt.provider.auth'] = $this->app->share(function ($app) {
            return $app->make($this->config('providers.auth'), [ $app['auth'] ]);
        });

This is not necessary, as when using $app->make(), it will automatically inject the type-hinted dependencies in the constructor. I suggest simply removing that parameter entirely.

My workaround simply ignores this variable.
https://gist.github.com/hackel/00a2b5a43d5007eceaa1

Since fromUser() expects a type User, I'm unable to move my user class into my own directory i.e. Application\User\User. I think it's common to want to move your models into your own application directory and it might be useful to accept different types.

Hello . Not able to install this package for laravel 5 . Please update or suggest any solution
Using
"minimum-stability": "dev",
"prefer-stable": true

Your requirements could not be resolved to an installable set of packages.

Problem 1
- Conclusion: don't install laravel/framework v5.0.3
- Conclusion: remove laravel/framework v5.0.2
- Installation request for atticmedia/anvard dev-master -> satisfiable by atticmedia/anvard[dev-master].
- Conclusion: don't install laravel/framework v5.0.2
- Conclusion: don't install laravel/framework v5.0.1
- atticmedia/anvard dev-master requires illuminate/support 4.* -> satisfiable by illuminate/support[v4.0.0, v4.0.1, v4.0.10, v4.0.2, v4.0.3, v4.0.4, v4.0.5, v4.0.6, v4.0.7, v4.0.8, v4.0.9, v4.1.0, v4.1.1, v4.1.10, v4.1.11, v4.1.12, v4.1.13, v4.1.14, v4.1.15, v4.1.16, v4.1.17, v4.1.18, v4.1.19, v4.1.2, v4.1.20, v4.1.21, v4.1.22, v4.1.23, v4.1.24, v4.1.25, v4.1.26, v4.1.27, v4.1.28, v4.1.29, v4.1.3, v4.1.30, v4.1.4, v4.1.5, v4.1.6, v4.1.7, v4.1.8, v4.1.9, v4.2.1, v4.2.12, v4.2.16, v4.2.2, v4.2.3, v4.2.4, v4.2.5, v4.2.6, v4.2.7, v4.2.8, v4.2.9].
- don't install illuminate/support v4.0.0|don't install laravel/framework v5.0.0
- don't install illuminate/support v4.0.1|don't install laravel/framework v5.0.0
- don't install illuminate/support v4.0.10|don't install laravel/framework v5.0.0
- don't install illuminate/support v4.0.2|don't install laravel/framework v5.0.0
- don't install illuminate/support v4.0.3|don't install laravel/framework v5.0.0
- don't install illuminate/support v4.0.4|don't install laravel/framework v5.0.0
- don't install illuminate/support v4.0.5|don't install laravel/framework v5.0.0
- don't install illuminate/support v4.0.6|don't install laravel/framework v5.0.0
- don't install illuminate/support v4.0.7|don't install laravel/framework v5.0.0
- don't install illuminate/support v4.0.8|don't install laravel/framework v5.0.0
- don't install illuminate/support v4.0.9|don't install laravel/framework v5.0.0
- don't install illuminate/support v4.1.0|don't install laravel/framework v5.0.0
- don't install illuminate/support v4.1.1|don't install laravel/framework v5.0.0
- don't install illuminate/support v4.1.10|don't install laravel/framework v5.0.0
- don't install illuminate/support v4.1.11|don't install laravel/framework v5.0.0
- don't install illuminate/support v4.1.12|don't install laravel/framework v5.0.0
- don't install illuminate/support v4.1.13|don't install laravel/framework v5.0.0
- don't install illuminate/support v4.1.14|don't install laravel/framework v5.0.0
- don't install illuminate/support v4.1.15|don't install laravel/framework v5.0.0
- don't install illuminate/support v4.1.16|don't install laravel/framework v5.0.0
- don't install illuminate/support v4.1.17|don't install laravel/framework v5.0.0
- don't install illuminate/support v4.1.18|don't install laravel/framework v5.0.0
- don't install illuminate/support v4.1.19|don't install laravel/framework v5.0.0
- don't install illuminate/support v4.1.2|don't install laravel/framework v5.0.0
- don't install illuminate/support v4.1.20|don't install laravel/framework v5.0.0
- don't install illuminate/support v4.1.21|don't install laravel/framework v5.0.0
- don't install illuminate/support v4.1.22|don't install laravel/framework v5.0.0
- don't install illuminate/support v4.1.23|don't install laravel/framework v5.0.0
- don't install illuminate/support v4.1.24|don't install laravel/framework v5.0.0
- don't install illuminate/support v4.1.25|don't install laravel/framework v5.0.0
- don't install illuminate/support v4.1.26|don't install laravel/framework v5.0.0
- don't install illuminate/support v4.1.27|don't install laravel/framework v5.0.0
- don't install illuminate/support v4.1.28|don't install laravel/framework v5.0.0
- don't install illuminate/support v4.1.29|don't install laravel/framework v5.0.0
- don't install illuminate/support v4.1.3|don't install laravel/framework v5.0.0
- don't install illuminate/support v4.1.30|don't install laravel/framework v5.0.0
- don't install illuminate/support v4.1.4|don't install laravel/framework v5.0.0
- don't install illuminate/support v4.1.5|don't install laravel/framework v5.0.0
- don't install illuminate/support v4.1.6|don't install laravel/framework v5.0.0
- don't install illuminate/support v4.1.7|don't install laravel/framework v5.0.0
- don't install illuminate/support v4.1.8|don't install laravel/framework v5.0.0
- don't install illuminate/support v4.1.9|don't install laravel/framework v5.0.0
- don't install illuminate/support v4.2.1|don't install laravel/framework v5.0.0
- don't install illuminate/support v4.2.12|don't install laravel/framework v5.0.0
- don't install illuminate/support v4.2.16|don't install laravel/framework v5.0.0
- don't install illuminate/support v4.2.2|don't install laravel/framework v5.0.0
- don't install illuminate/support v4.2.3|don't install laravel/framework v5.0.0
- don't install illuminate/support v4.2.4|don't install laravel/framework v5.0.0
- don't install illuminate/support v4.2.5|don't install laravel/framework v5.0.0
- don't install illuminate/support v4.2.6|don't install laravel/framework v5.0.0
- don't install illuminate/support v4.2.7|don't install laravel/framework v5.0.0
- don't install illuminate/support v4.2.8|don't install laravel/framework v5.0.0
- don't install illuminate/support v4.2.9|don't install laravel/framework v5.0.0
- Installation request for laravel/framework 5.0.* -> satisfiable by laravel/framework[v5.0.0, v5.0.1, v5.0.2, v5.0.3].

Hey im getting this error where running composer update

Your requirements could not be resolved to an installable set of packages.

Problem 1
- Conclusion: remove laravel/framework v4.2.17
- Conclusion: remove barryvdh/laravel-cors v0.2.3
- Installation request for tymon/jwt-auth 0.5.* -> satisfiable by tymon/jwt-auth

Hey,

when I want to use namespaced model

config.php from tymon/jwt-auth

'user' => 'Api\Entities\User'

it says

class \User not found

and doesn't work until I add alias to

app.php

'User' => 'Api\Entities\User',

what might be the problem?

Hey after im login the user and set the token in the header im trying to get some route like in your example:

public function getTest()
{
try
{
$user = JWTAuth::getToken()->toUser();
}
catch(Tymon\JWTAuth\Exceptions\TokenExpiredException $e)
{
// token has expired
return Response::json(['error' => 'token_expired'], 401);
}

    if (! $user)
    {
        // user not found
        return Response::json(['error' => 'user_not_found'], 404);
    }

    return Response::json(compact('user'));
}

and i get the error:
"Call to a member function toUser() on a non-object"

you have an idea why?

First, thank you for a great library! Made my life a lot simpler.

I'm attempting to return my own response when a user sends an invalid token in order to have my API consistent. I've created an events.php file under app/ and hooked into the appropriate event:

Event::listen('tymon.jwt.invalid', function()
{
    return Response::json([
        'errors' => ['Invalid authentication token']
    ], Config::get('status.error.unauthorized'));
});

However this doesn't seem to change anything, I'm still getting this response returned:

{"error":"token_invalid"}

I know the event is firing because if I die("test") inside it, I see test.

How would you recommend I return my own response?

Hi,

When I call

$user = JWTAuth::getToken()->toUser($token);

I get

Call to a member function toUser() on a non-object

Any ideas why?

Thanks

Hi,

Since you mentioned you were refactoring I have a, hopefully, small suggestion that would help me with dealing with exceptions.

I use the JSON Exception Formatter package to return niceish errors for an API. By default all exceptions return a 500 Internal Server Error status code, unless the exception being handled defines something else by extending the Symfony HttpException exception.

This means that currently the exceptions returned by this package report the wrong status code. I've work around this by adding my own exceptions that extend the HttpException exception and set the relevant status code and an error test/type (used for some later post processing).

Would you be open to changing the exceptions in this package to use the HttpException exception? I know it adds an extra dependency but it's part of Laravel so its not anything extra someone would need to get as part of using this package.

For reference (and i've not done this before so I may have done something 'against the rules') my solution was to create a new base exception that extends HttpException like this:

https://gist.github.com/felnne/87385fdcad697afe4f6b

Which lets me define a status code and an exception type (which i'm not requesting you add, thats just something I did and will hopefully remove soon).

I then have a generic TokenException which extends the base exception:

https://gist.github.com/felnne/c5fa19ac7481968fa734

And finally per-failure exceptions such as ExpiredTokenException which set the correct status code depending on the error:

https://gist.github.com/felnne/41e936df4b5a407aced6

Having something similar to this within this package directly would hopefully allow me to get rid of my exceptions and mean that anyone that pairs this package with the JSON Formatter package gets the correct status codes out of the box!

I'd be happy to submit a pull request if this is something you'd consider - it would be similar to the Exceptions i've made but without the extra $exceptionType variable.

I hope i've managed to explain why I want this and the benefit I think it would bring!

Thanks,

Felix

Hi, when i try publish JWT files with:

• php artisan vendor:publish --provider="Tymon\JWTAuth\Providers\JWTAuthServiceProvider"
  Return:
  • [ErrorException]
    The use statement with non-compound name 'JWTAuth' has no effect

Configs[config/app.php]
Providers:

• 'Tymon\JWTAuth\Providers\JWTAuthServiceProvider'

Alias:

• 'JWTAuth' => 'Tymon\JWTAuth\Facades\JWTAuth'

Compose.json:

• "tymon/jwt-auth": "0.5.*"

Has anyone had the same problem or know how to solve?

Thanks

hi,

I'm trying to use your package and got stuck with the usage of JWT middleware (Seems like docs aren't updated yet , or did I missed it ?)

I don't know what class(es) to add in the app/Http/Kernel.php...

Did anyone face this problem ?

It seems you've locked in Laravel 4.2 as the dependency is it possible to have this as ~4 so it will support 4.0 and 4.1 also?