Hello, I use the Lumen framework (version 5.2, JWT version 1.0).
I get a token, but I can't refresh it; the system tells me "The token has been blacklisted".
I am sorry, my English is very bad.
Thanks for your help.

Route:

    $app->group(['prefix' => 'auth', 'namespace' => '\App\Http\Controllers'], function () use ($app) {
        $app->post('/signin', 'AuthController@signin');
        $app->put('/refresh', ['middleware' => ['before' => 'jwt.auth', 'after' => 'jwt.refresh'], 'uses' => 'AuthController@refresh']);
    });

Sign in:

    public function signin(Request $request)
    {
        $this->validate($request, [
            'email' => 'required|email|max:255',
            'password' => 'required'
        ]);
        try {
            if ($token = $this->jwt->attempt($request->only(['email', 'password']))) {
                return $this->json([
                    'token' => $token
                ]);
            }
            return $this->json([], 403, $this->_lang['signin_incorrect']);
        } catch (JWTException $e) {
            return $this->json([], 500, $e->getMessage());
        }
    }

Refresh:

    public function refresh()
    {
        try {
            $this->jwt->setToken($this->jwt->getToken());
            if ($this->jwt->invalidate()) {
                return $this->json([
                    'token' => $this->jwt->refresh()
                ]);
            }
            return $this->json([], 403, $this->_lang['token_incorrect']);
        } catch (JWTException $e) {
            return $this->json([], 500, $e->getMessage());
        }
    }

Auth Service Provider:

    public function boot()
    {
        // Here you may define how you wish users to be authenticated for your Lumen
        // application. The callback which receives the incoming request instance
        // should return either a User instance or null. You're free to obtain
        // the User instance via an API token or any other method necessary.
        $this->app['auth']->viaRequest('api', function ($request) {
            return \App\Models\User::where('email', $request->input('email'))->first();
        });
    }

I have solved this problem. I removed the jwt.refresh middleware, then I used the JWT Manager to refresh my token. It works for me.
@leepin please can you show in your example the JWT manager use.
Thanks.
@leepin I'd also be interested to know what you did with the JWT Manager if you have time.
@franc014 @mtpultz

Controller.php

    <?php

    namespace App\Http\Controllers;

    use Laravel\Lumen\Routing\Controller as BaseController;
    use Tymon\JWTAuth\JWTAuth;
    use Tymon\JWTAuth\Manager;

    class Controller extends BaseController
    {
        /**
         * @var JWTAuth
         */
        protected $jwt;

        /**
         * @var Manager
         */
        protected $manager;

        /**
         * Controller constructor.
         *
         * @param JWTAuth $jwt
         * @param Manager $manager
         */
        public function __construct(JWTAuth $jwt, Manager $manager)
        {
            $this->jwt = $jwt;
            $this->manager = $manager;
        }

        // Remaining methods of the class are not shown in the post.
    }

Refresh Token

    /**
     * Refresh TOKEN
     *
     * @return \Symfony\Component\HttpFoundation\Response
     */
    public function refresh()
    {
        try {
            return $this->json([
                'token' => $this->manager->refresh($this->jwt->getToken())->get()
            ]);
        } catch (JWTException $e) {
            return $this->json($e->getMessage(), 500);
        }
    }

It works for me.
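
Added example, not part of the thread and not tymon/jwt-auth code: a stand-alone PHP model of refresh with a blacklist, assuming a refresh rejects blacklisted tokens and blacklists the token it replaces. `ToyTokenManager`, `TokenBlacklisted`, `attempt` and the sample subject are hypothetical; the script shows why invalidate-then-refresh, and a second refresh of the same token in one request, both end in the error from the question.

```php
<?php
// Simplified model (an assumption, not tymon/jwt-auth code): every token has a
// unique id (jti); refresh() rejects blacklisted tokens, blacklists the token
// it replaces and issues a new one. All names here are hypothetical.
class TokenBlacklisted extends RuntimeException {}

class ToyTokenManager
{
    private $blacklist = [];  // jti => true
    private $counter = 0;

    public function issue(string $sub): array
    {
        return ['sub' => $sub, 'jti' => 'jti-' . (++$this->counter)];
    }

    public function check(array $token): void
    {
        if (isset($this->blacklist[$token['jti']])) {
            throw new TokenBlacklisted('The token has been blacklisted');
        }
    }

    public function invalidate(array $token): void
    {
        $this->blacklist[$token['jti']] = true;
    }

    public function refresh(array $token): array
    {
        $this->check($token);       // a blacklisted token cannot be refreshed
        $this->invalidate($token);  // the old token is retired
        return $this->issue($token['sub']);
    }
}

// Runs $fn and reports 'ok' or the blacklist error message.
function attempt(callable $fn): string
{
    try { $fn(); return 'ok'; } catch (TokenBlacklisted $e) { return $e->getMessage(); }
}

$m = new ToyTokenManager();
$a = $m->issue('user@example.com');  // constructed sample subject
// Pattern from the question: invalidate, then refresh the same token.
echo 'invalidate then refresh: ', attempt(function () use ($m, $a) { $m->invalidate($a); $m->refresh($a); }), "\n";
$b = $m->issue('user@example.com');
$new = $m->refresh($b);  // refresh exactly once per request
echo 'new token: ', attempt(function () use ($m, $new) { $m->check($new); }), "\n";
echo 'old token: ', attempt(function () use ($m, $b) { $m->check($b); }), "\n";
echo 'second refresh of old token: ', attempt(function () use ($m, $b) { $m->refresh($b); }), "\n";
```
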
You can override the GetUserFromToken middleware, refresh it when the token expires, and correct it if there is an error.
Please note that you can change config options in your code at run time. I used this code and this was a solution for me:

    config([
        'jwt.blacklist_enabled' => true
    ]);
    auth()->logout();
    JWTAuth::invalidate(JWTAuth::parseToken());