Core: adonisjs authenticator session + jwt together

if authenticator: 'jwt' then await User.create(request.only(['full_name', 'email', 'password'])); not working.

Set your default authentication to session and then you can authenticate those users who are using dashboard. but for mobile api authentication you can switch authentication on the fly to generate token and get current authenticated users. (take a look at the provided link).
It just need to use auth.authenticator('jwt') instead of auth when you want to work with adonis authenticator for mobile routes.

But when I apply middleware for auth in my api and call api with unauthenticated token it gives error in html but I want error in json format.

@vikrambiwal Either use a try-catch and return the error has a JSON response

try {

    // do something...
    await next()

} catch (error ) {

    return response.json(error)

}

Or use a wildcard Exception handler to catch the error and return it has JSON.

@jayrchamp thanks for reply.

// For dashboard
Route.post('create/', 'JobController.create').middleware('auth');

//For api
Route.post('create/', 'JobController.create').middleware('auth');

How to us your code here please help. In case of invalid token.

These two routes are identical! It's better to separate two endpoint by which you can define different rules for them.
Here we have two routes for different endpoints along with their authentication:

// start/routes.js
Route.post('create/', 'Web/JobController.create')
  .middleware(['auth:session']);
Route.post('create/', 'Api/JobController.create')
  .middleware('auth:jwt')
  .prefix('api/v1');

Web users need to pass session based authentication to create a new job. On the other hand, api users need to pass jwt based authentication to do so.

Here there are two controllers to handle job creation separately:

// app/Controllers/Http/Web/JobController.js
const Job = use('App/Models/Job')

class JobController {
  async create ({ request, auth }) {
    const data = request.all()
    try {
      // const user = await auth.user
      const job = await Job.create(data)
      return response.send(job)
    } catch (error) {
      response.send('Missing or invalid session')
    }
  }
}

// app/Controllers/Http/Api/JobController.js
const Job = use('App/Models/Job')

class JobController {
  async create ({ request, auth, response }) {
    const data = request.all()
    try {
      // const user = await auth.getUser()
      const job = await Job.create(data)
      return response.json(job)
    } catch (error) {
      response.status(401).json('Missing or invalid jwt')
    }
  }
}

As two final points:

• You can access authenticated user within each controller
• As you go, your logic may increase. so maintaining identical logic in repeatedly in two controller is a little bit annoying! to make life easier, It's better to define a service for Job stuffs and call the service within each controller.

To increase the readability of your codes, please take a look at creating-and-highlighting-code-blocks.

@vikrambiwal @agtabesh If you want the error for your api route to be a JSON response, then I would change :

response.send('Missing or invalid jwt')

for something like :

response.status(401).json('Missing or invalid jwt')

// app/Controllers/Http/Api/JobController.js
const Job = use('App/Models/Job')

class JobController {
  async create ({ request, auth, response }) {
    const data = request.all()
    try {
      // const user = await auth.getUser()
      const job = await Job.create(data)
      return response.json(job)
    } catch (error) {
      response.status(401).json('Missing or invalid jwt')
    }
  }
}

Cheers!

@jayrchamp you are right. I forgot to change that. Personally I create a wrapper to detect output type automatically.

This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.