Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Repo info
Activity
    Sean Tymon
    @tymondesigns
    Hi Peter
    I seem to remember from your snippet that you posted. You had this->url in the getJWTSubject method
    This is what the illuminate auth adapter will use to retrieve the authenticated user. So you should change this to $this->id for it to work
    Peter Murwa
    @murwa
    Yeah, I had messed up that when trying to figure out the error; but I've since changed url to id; the aforementioned error still persists though!
    Jens Aronsson
    @jensaronsson
    Hi, if i have a token created from a laravel application with the jwt-auth package. Can verify the token in a microservice with the same jwt-auth package if i have the same secret?
    Jens Aronsson
    @jensaronsson
    @tymondesigns
    Jens Aronsson
    @jensaronsson
    Solved .I had two different versions of jwt-auth package that was causing a signed failed.
    Luke Edwards
    @lukeed
    @tymondesigns so is Lumen 5.2 officially covered? Seeing a lot of make-it-works in the issues but can't tell if it's now fully covered
    Hitesh Goel
    @mannutech
    Hi everyone !!!
    Need support on JWT getting started !!!
    I am not able to get started
    Victor Karanja
    @KR78
    Hello @mannutech which part do you need help on?
    Benjman
    @Benjman
    Hi, I was wondering if anyone could clear something up that I'm a bit confused about.
    When a user authenticates and gets a token, is the token refreshed every time they make a request? Or do they keep the same token?
    Brian Singer
    @brian-singer
    Same token
    You need a local storage concept
    If "rememberMe" flag is set by user then in your backend impl you do not set an experation
    *expiration
    Victor Karanja
    @KR78
    How can I pass conditions to the login process apart from the user's credentials, I want to pass a condition to check if the user is active, from the active column in the users table
    Brian Singer
    @brian-singer
    U can add a tenant
    user group....
    Victor Karanja
    @KR78
    Once I add that, how would I pass it to the JWT::attempt()
    Benjman
    @Benjman
    Thank you @brian-singer
    Brian Singer
    @brian-singer
    @KR78 decode the token and read the parameter....
    zakiullah
    @zakiullahbarakzai
    hi
    I am going to make SPA with larvel and angular js some one here can give me some suggestions from there experience and also using JWT for authentication
    Victor Karanja
    @KR78
    Hi
    I'm working with a SPA with Laravel and AngularJS, it's awesome, I'm using and angularjs package called satellizer which stores the JWT token once a user is authenticated in the localstorage of the browser or as a cookie depending on your preference and sends it's out with every request made to the Laravel API
    Victor Karanja
    @KR78
    You can monitor authentication based on the JWT token that's stored using the package, it keeps track of the token and you check if the token has expired with $auth.isAuthenticated() and fire an event like pop up a modal asking them to login again or redirect the user to the login page
    darrenw16
    @darrenw16
    Hi guys I have a jwt token setup and im passing through some custom claims like the associated user roles and permission there name and there avatar image... The user could fall under a few permissions though or may have a lot of associated roles.. I am worried about the custom claims bit becoming to big as I have seen warnings that it shouldnt be. So my question is what is the best practice on the size of the custom claims
    Brian Singer
    @brian-singer
    Well. The limit of a rest request header is 8KB in most cases so you can to keep it below that if you use it with rest calls
    Otherwise 8KB is extremely big. I would say 1KB max
    Thibaut Vincent
    @thibautvincent
    Hi, I'm currently using JWT when some routes. When i'm using a specific route, sometimes after 1 time, sometimes after a few times, the token is suddenly invalid. Everytime I send an api-request the token get refreshed. Does someone know how to solve this?
    rikochet
    @rikochet

    Hi, I'm current using the latest commit (dev-develop 821625d).. I'm currently unable to use custom claims. Anyone else have this issue?

    $credentials = $request->only(['email', 'password']);
    
            if ($company != '') {
                $customClaims = ['context' => ['user' => [ 'email' => $request->email ], 'company' => ['name' => $company]]];
            }
    
            try {
                if (!$token = JWTAuth::attempt($credentials, $customClaims)) {
                    throw new UnauthorizedHttpException('Invalid email/password');
                } 
            } catch (JWTException $e) {
                return $this->response->errorInternal('Token Generation Error');
            }

    Authentication works fine and a token is generated however the custom claims are not present within the token.

    rikochet
    @rikochet
    In version 1.* JWTAuth::attempt no longer accepts a second parameter.. I was able to resolve my issue via JWTFactory..
            if ($company != '') {
                $customClaims = ['user' => [ 'email' => $request->email ], 'company' => ['name' => $company]];
            }
    
            try {
                if (!$checkAuth = JWTAuth::attempt($credentials)) {
                    throw new UnauthorizedHttpException(trans('auth.invalid_credentials'));
                } else {
                    //
                    $payload = JWTFactory::context($customClaims)->make();
    
                    $token = JWTAuth::encode($payload);
                }
            } catch (JWTException $e) {
                return $this->response->errorInternal(trans('auth.token_generation_error'));
            }
    
            return $this->response->array(['token' => $token->get()]);
    Agustín Siles
    @agustinsiles
    hi guys
    im using sails js
    and im trying to issue an access token and a refresh token and I have no idea how to create a refresh one, can anybody help me please?
    Javis V. Pérez
    @javisperez
    Hello! i have a question regarding JWT, im using this package to handle my JWT tokens but im creating a new token on every request and blacklisting the previous, is that part of the JWT flow or im just doing some foolness?
    Benjman
    @Benjman
    @javisperez If you have a requirement to issue a new token on every request, then it's fine. However, typically you should just rely on the expiration claim. https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-25#section-4.1.4
    Javis V. Pérez
    @javisperez
    Oh great man, thank you @Benjman i dont know if i was doing the spected behavior or if i was just doing wrong things (apparently i was) thank you, ill rely on exp as you say, thank you.
    Mehulkumar
    @mkumr
    i just read this post http://cryto.net/~joepie91/blog/2016/06/13/stop-using-jwt-for-sessions/ and would like some thoughts on it
    Mapamatician
    @Mapamatician
    hi guys! I am building an iOS app with Laravel 5.3 as a backend using JWT auth. I can log into the app, and recieve the token, but I don't know am I supposed to store the JWT on the iOS client or will Laravel store the token in a session? How does the token persist?
    Mapamatician
    @Mapamatician
    ok, I got the token persisting. I'm not sure how I can use it lol. Do I need to pass it with the url on each request?
    Benjman
    @Benjman
    @Mapamatician Yes, you would typically add it to the header for each request.
    Mapamatician
    @Mapamatician
    I got it eventually thanks
    what I'm struggling with now is logout. How can I invalidate a token?
    Meheret Egzerab
    @mercyg
    Could someone please help me with autentication I am getting this error : UnauthorizedError: jwt expired.
    Swornim Shrestha
    @bravegurkha
    How can I increase the time to expire the token?
    karunaker reddy
    @karunakerreddyv
    I have separate Authentication app built with Jhipster and I want to share JWT token among multiple subdomains (multiple UI apps hosted under x.xyz.com, y.xyz.com, z.xyz.com). How can I share JWT token from authentication app to other apps