Jwt-auth: Method [viaRemember] does not exist.

I'm having the same issue @tom-aglow have you had any luck resolving? @tymondesigns Have you heard of this?

@jamesh38 unfortunately, no :( i'll let you know if i can solve the problem somehow.

The viaRemember method only exists on the session guard, not the jwt one. what does your config/auth.php look like?

config/auth.php - this is mine. should i use api driver as default then? /feel stupid/

Here is mine. I have multi auth on mine but I'm simply using the eloquent driver on a different Model. My items are globally name spaced btw.

@tom-aglow Yes you should specify the api guard or set it to be the default Auth::guard('api')->user()

@jamesh38 should work just fine if you use the api guard

Yah that's where I'm stumped I'm getting this error when going through any route that is protected by the JWT (api) guard.

Route::group(['middleware' => 'api', 'prefix' => 'api/auth'], function ($router) {
    Route::post('login', 'TokenController@login');
    Route::post('logout', 'TokenController@logout');
    Route::post('refresh', 'TokenController@refresh');
    Route::get('me', 'TokenController@me');
    Route::post('register', 'AppUserController@register');
});

There are my routes with the token controller having this in the constructor.

public function __construct()
    {
        $this->middleware('auth:api', ['except' => ['login']]);
    }

Any ideas?

Thank you by the way for the help.

Hmm well it looks like the error is being caused by the AuthenticateSession middleware here https://github.com/laravel/framework/blob/5.5/src/Illuminate/Session/Middleware/AuthenticateSession.php#L42

in your app/Http/Kernel.php file.. what middleware is being loaded where? specifically \Illuminate\Session\Middleware\AuthenticateSession::class,

thanks @tymondesigns. so sorry for stupid question 😊

Here is my Http Kernel

Thanks for the help here. I realize this isn't your code at this point. Ha.

No worries, have you tried commenting out \Illuminate\Session\Middleware\AuthenticateSession::class, ?

I have. Same result. Completely out of the application or just out of the
web stack of middleware?
On Wed, Jan 24, 2018 at 5:43 PM Sean Tymon notifications@github.com wrote:

No worries, have you tried commenting out
\Illuminate\Session\Middleware\AuthenticateSession::class, ?

—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
https://github.com/tymondesigns/jwt-auth/issues/1436#issuecomment-360299267,
or mute the thread
https://github.com/notifications/unsubscribe-auth/ADbj0o7KE8wmovoTFRaDroZu_zEsUmVaks5tN7ImgaJpZM4RPghj
.

Well it looks like commenting that out did the trick. I do have a custom provider I am adding to the app that has to be what is cuasing the issue.

I face this problem when I request a web route with Authorization Token in the header, and the default guard is api driven by jwt.

The problem seems to be that when Auth token is valid the guard resolve the user and it is authenticated then the AuthenticateSession middleware try to authenticate session presuming SessionGuard while you have JWTGuard.

I fixed this using the following custom middleware:

```

namespace App\Http\Middleware;

use Closure;
use Illuminate\Auth\AuthenticationException;
use Illuminate\Contracts\Auth\Factory as AuthFactory;

class CustomAuthenticateSessionMiddleware
{
/**
* The authentication factory implementation.
*
* @var \Illuminate\Contracts\Auth\Factory
*/
protected $auth;

/**
 * Create a new middleware instance.
 *
 * @param  \Illuminate\Contracts\Auth\Factory  $auth
 * @return void
 */
public function __construct(AuthFactory $auth)
{
    $this->auth = $auth;
}

/**
 * Handle an incoming request.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Closure  $next
 * @return mixed
 */
public function handle($request, Closure $next)
{
    // if vapor/signed-storage/url , just ignore this middleware entirely
   if ($request->has("ignore_web_middleware") || $request->ignore_web_middleware ) {
       return $next($request);
   }
    if (! $request->hasSession() || ! $request->user()) {
        return $next($request);
    }

    if ($this->auth->viaRemember()) {
        $passwordHash = explode('|', $request->cookies->get($this->auth->getRecallerName()))[2];

        if ($passwordHash != $request->user()->getAuthPassword()) {
            $this->logout($request);
        }
    }

    if (! $request->session()->has('password_hash')) {
        $this->storePasswordHashInSession($request);
    }

    if ($request->session()->get('password_hash') !== $request->user()->getAuthPassword()) {
        $this->logout($request);
    }

    return tap($next($request), function () use ($request) {
        $this->storePasswordHashInSession($request);
    });
}

/**
 * Store the user's current password hash in the session.
 *
 * @param  \Illuminate\Http\Request  $request
 * @return void
 */
protected function storePasswordHashInSession($request)
{
    if (! $request->user()) {
        return;
    }

    $request->session()->put([
        'password_hash' => $request->user()->getAuthPassword(),
    ]);
}

/**
 * Log the user out of the application.
 *
 * @param  \Illuminate\Http\Request  $request
 * @return void
 *
 * @throws \Illuminate\Auth\AuthenticationException
 */
protected function logout($request)
{
    $this->auth->logoutCurrentDevice();

    $request->session()->flush();

    throw new AuthenticationException;
}

}

```