Laravel 7.0 - tymon/jwt-auth - check if token is valid
Solution 1
You could remove the auth:api
middleware and then have something like:
return response()->json([ 'valid' => auth()->check() ]);
Solution 2
Maybe this method need you:
public function getAuthenticatedUser()
{
try {
if (! $user = JWTAuth::parseToken()->authenticate()) {
return response()->json(['user_not_found'], 404);
}
} catch (Tymon\JWTAuth\Exceptions\TokenExpiredException $e) {
return response()->json(['token_expired'], $e->getStatusCode());
} catch (Tymon\JWTAuth\Exceptions\TokenInvalidException $e) {
return response()->json(['token_invalid'], $e->getStatusCode());
} catch (Tymon\JWTAuth\Exceptions\JWTException $e) {
return response()->json(['token_absent'], $e->getStatusCode());
}
return response()->json(compact('user'));
}
Solution 3
Here is the mixed output to achieve status based token validation with laravel and tymon/jwt-auth:
<?php
namespace App\Http\Controllers\Auth;
use App\Http\Controllers\Controller;
use Illuminate\Http\Request;
class ValidTokenController extends Controller
{
public function __invoke(Request $request)
{
$response = (int) auth('api')->check();
$responseCode = 200;
try {
if (!app(\Tymon\JWTAuth\JWTAuth::class)->parseToken()->authenticate()) {
$response = 0;
}
} catch (\Tymon\JWTAuth\Exceptions\TokenExpiredException $e) {
$response = -1;
} catch (\Tymon\JWTAuth\Exceptions\TokenInvalidException $e) {
$response = -2;
} catch (\Tymon\JWTAuth\Exceptions\JWTException $e) {
$response = -3;
}
return response()->json($response, $responseCode);
}
}
Related videos on Youtube
Francis
Webdeveloper from Hamburg - Germany, interested into distributed Solutions and high scale Projects.
Updated on June 04, 2022Comments
-
Francis almost 2 years
Trying to achieve a login endpoint at a laravel installation by using tymon/jwt-auth (JWT). The login, logout, get userdata is working fine. I would like to have a endpoint for checking the Bearer Token. There is a short way to achieve this via:
Route::get('/valid', function () { return 1; })->middleware('auth:api');
If the token is valid, the the HTTP return code == 200 but if not, a 401 code is returned. Since the endpoint is checking a token and not the authenticated communication, I would like to rather have a controller returning true/false regarding valid token with 200 - OK.
I had a look "under the hood" of the modules and that is how far I get (not working):
$tokenKey = $request->bearerToken(); $jws = \Namshi\JOSE\JWS::load($tokenKey); $jwsSimple = new SimpleJWS($jws->getHeader()); $jwsSimple::load($tokenKey); $jwsSimple->setPayload($jws->getPayload()); $jwsSimple->setEncodedSignature(explode('.', $tokenKey)[2]); $tmpVal = $jwsSimple->isValid($tokenKey);
Is there any better approach to achieve this? I assume that there should be a Service Provider for that but could not figure out how to implement this. Thank you in advance.
-
Francis about 4 yearsHad to tweak your code a bit like: if (!app(\Tymon\JWTAuth\JWTAuth::class)->parseToken()->authenticate()) and the exceptions absolute namespace definition. After that, it is working like a charm. Will post bellow the final solution. Thank you four your help!