Jwt-auth: Problem using different guard in routes...
Subject of the issue
I want to use a different guard in the routes but always use the default one.
I need to check the auth on the users tables and on the customers table too.
Your environment
| Q | A
| ----------------- | ---
| Framework | Laravel / Lumen
| Package version | 1.0.0-rc.1
| PHP version | >=5.6.4
Steps to reproduce
I've declared the new guard in the config/auth.php file like that:
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'api' => [
'driver' => 'session',
'provider' => 'users',
],
'customer' => [
'driver' => 'jwt.auth',
'provider' => 'customers',
],
],
'providers' => [
'users' => [
'driver' => 'eloquent',
'model' => App\User::class,
],
'customers' => [
'driver' => 'eloquent',
'model' => App\Customer::class,
],
],
In the routes file i've used:
but if I use:
Route::group(['middleware' => 'jwt.auth:customer', ], function() {
....
});
Expected behaviour
I expect that function use the customers tabel.
Actual behaviour
The system says User not found.
If I put the customer guard as the default one it works.
LucaMiozzo
All 13 comments
@tymondesigns same problem here!
Can you help us please.
jjoao07
on 17 Jul 2018
@tymondesigns the same as my problem, please help us, thanks a lot
SamHz
on 7 Aug 2018
@tymondesigns I've the same problem. I hope you give us a solution soon. Thanks a lot.
JulietteGSOS
on 27 Aug 2018
I have found a solution:
auth.php
<?php
return [
'defaults' => [
'guard' => 'api',
'passwords' => 'users',
],
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'api' => [
'driver' => 'session',
'provider' => 'users',
],
'admin' => [
'driver' => 'session',
'provider' => 'admins',
],
'admin-api' => [
'driver' => 'token',
'provider' => 'admins',
],
],
'providers' => [
'users' => [
'driver' => 'eloquent',
'model' => App\User::class,
],
'admins' => [
'driver' => 'eloquent',
'model' => App\Admin::class,
],
],
'passwords' => [
'users' => [
'provider' => 'users',
'table' => 'password_resets',
'expire' => 60,
],
'admins' => [
'provider' => 'admins',
'table' => 'password_resets',
'expire' => 15,
],
],
];
routes/api.php
Route::post('login', 'AuthController@login');
Route::post('loginadmin', 'AdminAuthController@login');
Model Admin.php
<?php
namespace App;
use Illuminate\Notifications\Notifiable;
use Illuminate\Foundation\Auth\User as Authenticatable;
class Admin extends Authenticatable
{
use Notifiable;
protected $guard = 'admin';
protected $fillable = [
'username', 'email', 'password',
];
protected $hidden = [
'password', 'remember_token',
];
}
Controller AdminAuthController.php
class AdminAuthController extends Controller
{
public function __construct()
{
$this->middleware('guest:admin');
}
....
}
Hi @LucaMiozzo This sound interesting,
On my side, I ended up using Laravel Passport, but aren't easy to implement passport on my use case, once I needed to use UUID and passport doesn't support as defaults, same as MultiAuth.
But after some googling and testing I could get passport working nicely with Multi Auth and uuid and with a bonus of OAuth2 which I can extend my application to external API endpoint.
But I will test @LucaMiozzo solution, and to say that the only difference I can see, is that you've set api as defaults and added $guard inside admin model, I hope this can work for me.
Let u know after testing
jjoao07
on 27 Aug 2018
@LucaMiozzo Are you sure that is use jwt? your means we need use laravel passport to solve this problem锛焛t's not best for my project! thanks.
SamHz
on 29 Aug 2018
I didn't understand why it worked for me on my staging site but not my production one (same server, same database). I figured out that some of my users work and others don't. I've been over and over my database but I can't figure what could be wrong with the ones that don't work. And when I set api guard by default they all work !!! It drives me crazy....
JulietteGSOS
on 29 Aug 2018
I ended using the api guard by default and now everything works fine.
In routes/web.php I specify the guard for my authentitified routes :
Route::group(['middleware' => ['auth:web']], function () {
...
});`
And in my authentification controllers I specify the guard I'm using for each use of Auth() :
$token = Auth::guard('api')->attempt($credentials)
@JulietteGSOS your idea same as mine. your code use auth middleware? the middleware working ok?
SamHz
on 30 Aug 2018
I use Laravel 5.6 and tymon/jwt-auth 1.0.0-rc.2.
On my authentified routes from web, I use the middleware auth and, on the api one's, I use jwt.auth.
My config/auth.php is like that :
'defaults' => [
'guard' => 'api',
'passwords' => 'users',
],
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'api' => [
'driver' => 'jwt',
'provider' => 'applications',
],
],
'providers' => [
'users' => [
'driver' => 'eloquent',
'model' => App\User::class
],
'applications' => [
'driver' => 'eloquent',
'model' => App\Applications::class
],
],
It's working just fine as long as I set api guard as default.
JulietteGSOS
on 30 Aug 2018
This is an issue with package. You need to extend BaseMiddleware and use your guard passed from routes to authenticate.
graphicmist
on 11 Mar 2020
This is an issue with package. You need to extend BaseMiddleware and use your guard passed from routes to authenticate.
How can i do that on a controller that already extends controller?
VijeshDatt
on 17 Aug 2020
sorry for that much late response but the issue is handled by following the steps below !
- lets assume that we've 3 models/providers can be authenticate the system -> User(customer), Admin and Vendor
- each provider has its own route by its token
// HERE IS MY AUTH.PHP CONFIG FILE -> i set api guard as default
return [
'defaults' => [
'guard' => 'api',
],
'guards' => [
'api' => [
'driver' => 'passport',
'provider' => 'users', // default
],
],
'providers' => [
'users' => [
'driver' => 'eloquent',
'model' => \App\Models\User::class
],
'admins' => [
'driver' => 'eloquent',
'model' => \App\Models\Admin::class
],
'vendors' => [
'driver' => 'eloquent',
'model' => \App\Models\Vendor::class
],
]
];
with this step the User instance is able to achieve related api with its bearer token , but other can't.
now define a middleware to update the guard in conf ! (i ll show only the AdminMiddleware)
here is my AdminMiddleware !
public function handle($request, Closure $next)
{
config(['auth.guards.api.provider' => 'admins']);
return $next($request);
}
the only thing we do here is let the app be aware of updated provider due to its guards . and we set the provider as admins to check the correct table/model.
then for sure initialize your middleware in bootstrap/app.php
$app->routeMiddleware([
....
'auth' => App\Http\Middleware\Authenticate::class,
'admin' => App\Http\Middleware\AdminMiddleware::class,
...
]);
now we re able to test it out !, when we want to let users to be able to consume api we should use default auth:api middleware like :
$router->group(['middleware' => 'auth:api'], function () use ($router) {
return $request->user(); // will return Authenticated User Instance || null
});
and for admin ->
// DO NOT FORGET TO ADD MIDDLEWARE HERE !
$router->group(['middleware' => ['admin', 'auth:api']], function () use ($router) {
return $request->user(); // will return Authenticated Admin Instance || null
});
code with love :)
ozguryigit19
on 26 Mar 2021
Related issues
loic-lopez
路
3Comments
aofdev
路
3Comments
agneshoving
路
3Comments
heroghost
路
3Comments
lloy0076
路
3Comments
Most helpful comment
@tymondesigns same problem here!
Can you help us please.