Jwt-auth: Broadcast Auth route doesn't work with 'jwt.auth' middleware

Created on 28 May 2018  路  3Comments  路  Source: tymondesigns/jwt-auth

Subject of the issue

I'm trying to implement a chat server using Laravel Echo, Redis, Websocket, Vue JS and tymon/jwt-auth. I need my broadcast auth route to be authenticated by jwt.

When I make a post request with 'Bearer my_token' to '/broadcasting/auth' it throws AccessDeniedHttpException. I've set up my BroadcastServiceProvider like so:

Broadcast::routes(['middleware' => [ 'api' ,'jwt.auth' ]]);

The issue is thrown on Tymon\JWTAuth\Middleware\Authenticate @handle The error message is not helpful at all. Fairly straight forward to reproduce as I could do it on a fresh laravel installation as well.

Could it be, after successful authentication the package is not returning an expected type of response that is expected by the Broadcaster::authenticate method?

Since the error is invoked like this:

            $parameters = $this->extractAuthParameters($pattern, $channel, $callback);

            $handler = $this->normalizeChannelHandlerToCallable($callback);

            if ($result = $handler($request->user(), ...$parameters)) {
                return $this->validAuthenticationResponse($request, $result);
            }
        }

        throw new AccessDeniedHttpException;

That's the Broadcaster::authenticate method that's handling the final response. Maybe $request->user() is not accessible by it?

I don't even know if this is a Laravel shortcoming, package issue.
Please suggest...

Your environment

| Q | A
| ----------------- | ---
| Bug? | yes
| New Feature? | no
| Framework | Laravel
| Framework version | 5.6.x
| Package version | 1.0.0-rc.2
| PHP version | 7.2

Steps to reproduce

  1. On a fresh Laravel installation, configure Tymon/JWTAuth and then enable Broadcast service provider.
  2. Configure Broadcast service providers Broadcast::routes() with attributes to use jwt.auth middleware like this:
    Broadcast::routes(['middleware' => [ 'api' ,'jwt.auth' ]]);
  3. Make a POST request with a valid bearer token to /broadcasting/auth endpoint

Expected behaviour

User authenticates successfully.

Actual behaviour

Laravel throws AccessDeniedHttpException

picture shah-newaz
😕1

Most helpful comment

I found a solution, update your jwt-auth package into 1.0.0-rc.2, apply the docs then modify the BroadcastServiceProvider into Broadcast::routes(['middleware' => ['auth:api']]);

picture einnar82 on 4 Oct 2018
👍4

All 3 comments

@shah-newaz
I've got the same issue. Did you find any solutions?

gileneusz picture gileneusz on 28 Jun 2018

Hi, one workaround is to create your broadcast routes manually and not use the in built ones.
Thanks

tintinboss picture tintinboss on 28 Jun 2018

I found a solution, update your jwt-auth package into 1.0.0-rc.2, apply the docs then modify the BroadcastServiceProvider into Broadcast::routes(['middleware' => ['auth:api']]);

einnar82 picture einnar82 on 4 Oct 2018
👍4
Was this page helpful?
0 / 5 - 0 ratings

Related issues

therealmjk picture therealmjk  路  3Comments
marciomansur picture marciomansur  路  3Comments
phamduong picture phamduong  路  3Comments
functionpointdaniel picture functionpointdaniel  路  3Comments
Rasoul-Karimi picture Rasoul-Karimi  路  3Comments