Jwt-auth: Cannot use both Session and JWT Auth in Laravel 5.5

Created on 21 Nov 2017  路  12Comments  路  Source: tymondesigns/jwt-auth

Hello, I am using Laravel 5.5 with JWT dev-develop. I have also set my auth drivers for web. 

'defaults' => [
    'guard' => 'web',
    'passwords' => 'users',
],

'guards' => [
    'web' => [
        'driver' => 'session',
        'provider' => 'users',
    ],

    'api' => [
        'driver' => 'jwt',
        'provider' => 'users',
    ],
],

But, the above configuration doesn't give me JWT Bearer Token. When I replace web with api, Auth::attempt($credentials) gives me JWT token instead of session.

Any ideas how to use both at the same time?

picture tijanmdr

Most helpful comment

Specify the guard name like so (straight from the docs):
Auth::guard('api')->attempt($credentials)

picture devfrey on 21 Nov 2017
👍4

All 12 comments

Specify the guard name like so (straight from the docs):
Auth::guard('api')->attempt($credentials)

devfrey picture devfrey on 21 Nov 2017
👍4

@artaex Thank you so much

tijanmdr picture tijanmdr on 29 Nov 2017

First: Apologize for my question. Where do I write the line?
I have the same problem.
Thanks.

thewasta picture thewasta on 3 Jun 2019

@thewasta it means when you want to authenticate a user when login in e.g 

Auth::guard('api')->attempt(['email' => '[email protected]', 'password' => 'reallyStrongPassword'])
omitobi picture omitobi on 14 Aug 2019

@tijanmdr and @omitobi How did you later solve it, you change your guard to api and then used this Auth::guard('api')->attempt($credentials) for the api login right? Does that mean you created two routes for login, one for the site and one for as an api endpoint.
I also have the same issue.

koiki13 picture koiki13 on 14 Aug 2020

@koiki13 that would be the ideal thing. To separate Web login from Api login

omitobi picture omitobi on 14 Aug 2020

@omitobi Now one last thing, what would guard be set to, api or web. That is another decision I'm not sure of.

koiki13 picture koiki13 on 14 Aug 2020

As I can tell,

api -> jwt
web -> session

@koiki13 If you have more routes that should be web, then you can set api guard when you need to do with any API endpoint.
But if you have more routes on each side, then using a middleware would be the best option.

You can just create api middleware, declare all api routes in a group attached with that middleware. In the middleware it should be possible to set the request guard there.

omitobi picture omitobi on 14 Aug 2020

Thanks for your help but, I don't quite understand the last part. "Setting request guard in middleware". Will appreciate if you can explain here or give a link where I can read that up.

koiki13 picture koiki13 on 14 Aug 2020

@koiki13 Sure. https://laravel.com/docs/7.x/middleware#middleware-groups

Create a middleware group using that link. The idea is to attach a middleware to the group. Create a middleware and set the default guard there.

I think you could use this in the middleware$this->auth->shouldUse('api'); Just check Laravel doc for more info.

omitobi picture omitobi on 15 Aug 2020
👍1

@omitobi Thanks, this is nice. Appreciate it 馃憤

koiki13 picture koiki13 on 15 Aug 2020

Specify the guard name like so (straight from the docs):
Auth::guard('api')->attempt($credentials)

this does not work in me, do you have any idea what is the issue is?

roneilbrews picture roneilbrews on 6 Jan 2021
Was this page helpful?
0 / 5 - 0 ratings

Related issues

alihossein picture alihossein  路  24Comments
johncloud200 picture johncloud200  路  32Comments
vsecades picture vsecades  路  26Comments
marijang picture marijang  路  53Comments
frenetic picture frenetic  路  26Comments