So I am developing Ionic app with Laravel back-end and using JWT authentication.
My question is...since im using 4 fields when registering a user, and only 2 when logging in (email and pass), I suppose that upon registration the token should be made of only those 2 fields...
This is the working sign up function:
public function signUp()
{
$credentials = Input::all();
if (User::whereEmail($credentials['email'])->first()) {
return Response::json([
'error' => 'User with given e-mail already exists',
], 409);
} elseif (User::wherePhone($credentials['phone'])->first()) {
return Response::json([
'error' => 'User with given phone number already exists',
], 409);
} else {
$user = User::create($credentials);
$token = JWTAuth::fromUser($user);
return Response::json(compact('token'));
}
}
However if I change $credentials = Input::only('email', 'password') the full user won't be created (since there are fields missing).
But even if I leave $credentials as-is, and make combinations like
$token = JWTAuth::fromUser(Input::only('email', 'password')) or parse e-mail and password to JSON, or something similar...I get a "Trying to get a property of non-object" error, or that array is given instead of an object to JWTAuth...
JWTAuth::fromUser(Input::only('email', 'password')) expects a User object.
If you wish to use credentials you can do something like this:
// grab credentials from the request
$credentials = Input::only('email', 'password');
try {
// attempt to verify the credentials and create a token for the user
if (! $token = JWTAuth::attempt($credentials)) {
return Response::json(['error' => 'invalid_credentials'], 401);
}
} catch (JWTException $e) {
// something went wrong whilst attempting to encode the token
return Response::json(['error' => 'could_not_create_token'], 500);
}
// all good so return the token
return Response::json(compact('token'));
https://github.com/tymondesigns/jwt-auth/wiki/Creating-Tokens
Related
Currently I'm developing Laravel 5.8 with using JWT Auth, everything running as well in Postman, but when I tried for testing on Browser, I got a lot of errors and one by one has been fixed. Now I'm get another error when I try to pass JSON Web Token by using Request. The token isn't provided correctly. After I do sign in process in :
public function signin(Request $request)
{
$this->validate($request, [
'username' => 'required',
'password' => 'required'
]);
// grab credentials from the request
$credentials = $request->only('username', 'password');
try {
// attempt to verify the credentials and create a token for the user
if (! $token = JWTAuth::attempt($credentials)) {
return response()->json([
'error' => 'Invalid Credentials, username and password dismatches. Or username may not registered.',
'status' => '401'
], 401);
}
} catch (JWTException $e) {
// something went wrong whilst attempting to encode the token
return response()->json(['error' => 'could_not_create_token'], 500);
}
return response()->json([
'token' => $token
]);
}
The token generated successfully. But when I need the token to another controller, the token generated unsuccessfully, one of example is in this method :
public function index(Request $request)
{
// this will set the token on the object
JWTAuth::parseToken();
// and you can continue to chain methods
$user = JWTAuth::parseToken()->authenticate();
$token = JWTAuth::getToken();
die($token);
try {
if (! $user = JWTAuth::parseToken()->authenticate()) {
return response()->json(['user_not_found'], 404);
}
} catch (Tymon\JWTAuth\Exceptions\TokenExpiredException $e) {
return response()->json(['token_expired'], $e->getStatusCode());
} catch (Tymon\JWTAuth\Exceptions\TokenInvalidException $e) {
return response()->json(['token_invalid'], $e->getStatusCode());
} catch (Tymon\JWTAuth\Exceptions\JWTException $e) {
return response()->json(['token_absent'], $e->getStatusCode());
}
Everytime I'd like to JWTAuth::parseToken(); I got this error :
The token could not be parsed from the request
So why this happen? And what should I do? Because In signin method, the token successfully generated, but in index I can't access the token. Thanks for your attention.
Token needs to be passed via Headers in each api request
Header Name: Authorization
Expected Value: Bearer --token--
(without the -- ofcourse)
How to force the user to fill the form after login with google or facebook. I ma using laravel 5.4 with socials. In my app i want to allow google and facebook login but user can create a standard user too. When login with one of the social providers (facebook or google) i want the user to fill other fields in the form to complete the registration.
The handleProviderCallback:
public function handleProviderCallback($provider)
{
try{
$socialUser = Socialite::driver($provider)->stateless()->user();
}catch (Exception $e){
return redirect('/');
}
// check if we have logged PROVIDER
$socialProvider = Social::where('provider_id', $socialUser->getId())->first();
// if we don`t have a provider create a user and provider
if(!$socialProvider){
// i want the user to go back in the form and finish the registration
return view('auth.socials')->with('socialUser', $socialUser)->with('provider', $provider);
}
else{
// return the user
$user = $socialProvider->user;
}
// log the user in our app :)
auth()->login($user);
return redirect('/home');
the problem is when submiting the form i get an exception:
Client error: `POST https://accounts.google.com/o/oauth2/token` resulted in
a `400 Bad Request` response:
{
"error" : "invalid_grant",
"error_description" : "Invalid code."
}
If i use the method handleProviderCallback like this:
public function handleProviderCallback($provider)
{
try{
$socialUser = Socialite::driver($provider)->stateless()->user();
}catch (Exception $e){
return redirect('/');
}
// check if we have logged PROVIDER
$socialProvider = Social::where('provider_id', $socialUser->getId())->first();
// if we don`t have a provider create a user and provider
if(!$socialProvider){
$user = User::firstOrCreate(
['email' => $socialUser->getEmail()],
// i have to manualy add the missing fields
['name' => $socialUser->getName(), 'forename' => 'test', 'password' => '' ,'address' => 'adasda', 'country' => 'asasfasf', 'town' => 'asfasfsfsfs', 'legal_person' => '0', 'newsletter' => '1', 'phone' => '1235241521']
);
// add provider for this user
$user->socials()->create(
['provider_id' => $socialUser->getId(), 'provider' => $provider]
);
}
else{
// return the user
$user = $socialProvider->user;
}
// log the user in our app :)
auth()->login($user);
return redirect('/home');
}
the user get logged in, but as you can see i have to manually insert the missing fields in the firstOrCreate method (which are required in the users table)
Any suggestion how to do this?
I have checked using Auth::attempt(['email' => $request->email_id, 'password' => $request->password]) which works in web side but gives false in api side .
if (Auth::attempt(['email' => $request->email_id, 'password' => $request->password]))
dd("Successfully Authenticated ");
else dd("false");
Use JWT authentication to authenticate your lumen api
composer require tymon/jwt-auth
after installation follow the configuration
https://github.com/tymondesigns/jwt-auth/wiki
Below authenticate function help to authenticate and return the API token
use JWTAuth;
use Tymon\JWTAuth\Exceptions\JWTException;
class AuthenticateController extends Controller
{
public function authenticate(Request $request)
{
// grab credentials from the request
$credentials = $request->only('email', 'password');
try {
// attempt to verify the credentials and create a token for the user
if (! $token = JWTAuth::attempt($credentials)) {
return response()->json(['error' => 'invalid_credentials'], 401);
}
} catch (JWTException $e) {
// something went wrong whilst attempting to encode the token
return response()->json(['error' => 'could_not_create_token'], 500);
}
// all good so return the token
return response()->json(compact('token'));
}
}
i had developed JWT web token based laravel 5.3 project. Now i was struggled in authentication process because i have create new model like UserAccountsModel and also controller was different.The problem is token not generating. Here is my code
$credentials['Email'] = $request->get('username');
$credentials['Password'] = $request->get('password');
try {
if (! $token = JWTAuth::attempt($credentials)) {
return response()->json(['error' => 'invalid_credentials'], 401);
}
} catch (JWTException $e) {
return response()->json(['error' => 'could_not_create_token'], 500);
}
// if no errors are encountered we can return a JWT
return response()->json(compact('token'));
its only returning invalid_credentials..
so please any one can tell me where will i struggled and what are the configuration i am missing.
I have a Laravel 5 web app with Socialite to login my user by using Facebook account.
This is my callback function:
public function callback(SocialAccountService $service)
{
$user = $service->createOrGetUser(Socialite::driver('facebook')->user());
auth()->login($user);
return redirect()->to('/home');
}
This is my SocialAccountService, basically the function returns the user if existing or creates a new one:
class SocialAccountService
{
public function createOrGetUser(ProviderUser $providerUser)
{
$account = SocialAccount::whereProvider('facebook')
->whereProviderUserId($providerUser->getId())
->first();
if ($account) {
return $account->user;
} else {
$account = new SocialAccount([
'provider_user_id' => $providerUser->getId(),
'provider' => 'facebook'
]);
$user = User::whereEmail($providerUser->getEmail())->first();
if (!$user) {
$user = User::create([
'email' => $providerUser->getEmail(),
'name' => $providerUser->getName(),
]);
}
$account->user()->associate($user);
$account->save();
return $user;
}
}
}
Now the problem is, I am able to make my user login successfully via Facebook, but when the user clicks Cancel on the FB dialog for permission, it breaks.
How can I handle this error? I can see the error message in URL box, but don't know to handle them.
P.S I am fairly new to Laravel and Socialite
in the callback(...) method you can check for presense of the 'code' input field and if it is not there redirect to back to login page with errors.
Example:
function callback(SocialAccountService $service ,Request $request) {
if (! $request->input('code')) {
return redirect('login')->withErrors('Login failed: '.$request->input('error').' - '.$request->input('error_reason'));
}
// rest of your code
}
Try catch is the best practice(it catches all exception)
try
{
$userSocial =Socialite::driver('facebook')
->stateless()->user();
dd($userSocial);
}
catch (\Throwable $e) {
//handle error here for php 7 or 8
} catch (\Exception $e) {
// for php 5
handle error here
}