Quick tip here: The pipe ("|") character, when encoded for its use in URLs, becomes "%7C". This is the reason the token didn't work @ about 29:00 in the vídeo, because he was replacing only the % instead of "%7C". Hope it helps!
@sefmangampo
3 жыл бұрын
Thank you for this.
@fatercio
10 ай бұрын
Show de bola
@danmarlcadiz1575
2 жыл бұрын
You really have my big thanks for showing me the way where you don't have to use postman to implement the Authorization: Bearer I am using this on passport and using your way. it saved me 5-6 days of sleepless nights. Time to subscribe and thanks again
@yoskokleng3658
Жыл бұрын
So it's work with passport too, right ?
@UpdaterMC
Жыл бұрын
Bro you are actually an ABSOLUTE LEGEND!! I find this tutorial very helpful from the way you explained
@husseinh8232
8 ай бұрын
mate, this is not jwt it's actually sanctum token and you don't need to use a middleware to process the token ... you can do it more professional way by adding the authorization header to your request in your http library like axios
@wailantirajoh3052
2 жыл бұрын
at logout, you might want to add $request->user()->tokens()->delete(); to delete the token in database also. otherwise it will stackup
@melvinreano1221
Жыл бұрын
where to add sir?
@sivaramakrishnans2391
2 ай бұрын
Really a Good and Understandable video. Your explanation is sooooooooooo good. Need more videos like this. Thanks! This is very helpful.
@biliyonnet
2 жыл бұрын
Isn't the restful api supposed to be stateless or am I wrong? If I'm going to store the token in the database or on disk why not do it with the session, which was invented like 1000 years ago? Why are we reinventing the wheel? I think that's not how JWT is used. That's how Sanctum is designed, I'm not criticizing the video.
@irhamsahbana5210
2 жыл бұрын
i thought for bridging purpose ?or is session can used for multiple domain?
@biliyonnet
2 жыл бұрын
@@irhamsahbana5210 if you use sql for session storage you can easily access them from multiple domain.
@cion0726
3 жыл бұрын
i can't find the jwt tokens that you mentioned in the title. But you gave me an idea so i forgive you. thankyou
@ScalableScripts
3 жыл бұрын
Lol thank you for your mercy
@martinn1071
3 жыл бұрын
thanks so so so much !! you're the man !!!! subscribing right now !!!
@tahmidferdous2365
3 жыл бұрын
Subscribed!!!! Man, you're a legend!
@mehrshaddarzi
2 жыл бұрын
laravel sanctum check user token from mysql database in every request ? this is very bad for big application.
@_realist_6957
3 жыл бұрын
You mentioned in video title and description that you are using JWT!!! This is not JWT man... 2nd in logout if you just remove cookie for Sanctum token. Token will still persist and hacker can use it even when User hitted logout button.
@nielot6961
3 жыл бұрын
Do you have any tutorial how to make authorization with JWT and Sanctum ?
@mikha2880
2 жыл бұрын
wthell.. i think so.. couse in the video never install jwt
@soy-luisarrieta
Жыл бұрын
function logout() { $cookie = Cookie::forget('jwt'); /** @var User $user */ $user = Auth::user(); $user->tokens() ->where('id', $user->currentAccessToken()->id) ->delete(); // Revoke current token return response([ 'message' => 'Logged out successfully.', ])->withCookie($cookie); }
@kerintambasco5865
2 жыл бұрын
Very good video, man, it really helped me a lot, waiting for more vids! :D
@dobges6282
7 ай бұрын
Excelente mi amigo, me has ayudado demasiado, muy buen video
@rifatalom5420
10 ай бұрын
Thank you very much for this great tutorial, may god bless you and your family
@JeanPierreCasanovaFuentes
3 жыл бұрын
but that's not a JWT ....
@adolforicardo5
3 жыл бұрын
True, is not...
@ZaShazahidshaikh
2 жыл бұрын
Method andi library is different. But it is doing the same job of JWT and that is Authentication
@losrobbosful
2 жыл бұрын
@@ZaShazahidshaikh But the use case of JWT is something very specific: That you have STATELESS tokens, that don't need to get stored or cleaned from the database. If you use the DB to store tokens, you basically eliminate the point for JWT and can directly go with sessions, which is built into Laravel out of the box.
@pankajpawar2858
3 жыл бұрын
Awesome Tutorial... but, i have few questions. if we store token in httponly cookie then do we need to refresh the token ? and could you tell that here we using cookie time 1 day This is cookie expiry time, this is not token expiring time, Because, if i use jwt Token instead of sanctum Token in cookie then which time i used to check validity of token. cookie time or token time ? And Is sanctum token has no expiring time like JWT Token ? Pls Answer Thanks.
@rubab2020
3 жыл бұрын
i have the same question about refreshing token
@pankajpawar2858
3 жыл бұрын
@@rubab2020 i didn't get any answer from any place. So i gave same expiring time to both, cookie and token and i am refreshing and blacklisting old token at the time of cookie expire.
@keshavthakur5990
3 жыл бұрын
Very nice explaining
@junreydotarot7180
3 жыл бұрын
Hi! great video sir! Anyway just want to add, it would be better to delete the token in the table also because user can still access the restricted method after logout just by adding the Authorization manually on the header. ^___^
@sirajul-anik
2 жыл бұрын
Why should one use cookie-based authentication when he's building APIs? Don't the mobile developers have to do extra work to manage those cookies?
@ioanzaharia2111
2 жыл бұрын
By far not a production-ready Auth API, only pieces. If you try to build something for real go try another resource. Respect to the creator! By the way, if you read your comments, the video title should include Sanctum, not JWT!
@louiseboyle9618
Жыл бұрын
Agree, it doesn't seem to be the best and more secure way 🤯
@wodashekaf
7 ай бұрын
Great video. But, on logout function, you need also to delete user Access Token to database, if not anyone with that token can still perform request with just normal Authorization header.
@franklinpaulino58
3 жыл бұрын
how to update token after expiration?
@andreawriessnegger1116
Жыл бұрын
Awesome tutorial! Thanks!
@dthieu2002
3 ай бұрын
thankyou verry much! that is a lot helpful for me.
@collinsabadaike1411
2 жыл бұрын
Thanks bro, this was really helpful
@trandzung9311
3 жыл бұрын
Thanks so much!! Great video
@fullstackabhi
2 жыл бұрын
Love from bottom to top of my heart bro 💜
@meriamdimassi7447
3 жыл бұрын
The middelware does not work with me help plz !!!!
@gothaf
8 ай бұрын
I hope you do understand that you are NOT using JWT Tokens....
@pathumkumara4696
2 жыл бұрын
always tells unauthenticated please can u help me
@rifaturrana
8 ай бұрын
cookie save on postman but not in browser
@joshbarros1995
2 жыл бұрын
This video is great! thanks!!! Do you intend recording something about Refreshing the token?
@ScalableScripts
2 жыл бұрын
Maybe I will do a short video 3-5 mins that will explain it fast
@artempaskal7986
7 ай бұрын
Thank you for video, very helpfull, and what about personal_access_tokens table, if you have a lot of users, is table can add users endless or it clean itself??
@raimohaikari707
6 ай бұрын
You could delete personal_access_token manually, (because the middleware edit) you have access to Bearer token. Auth::user()->currentAccessToken()->delete();
@DhiaMagicien
3 жыл бұрын
thats not a JWT token you just wasted 25min of my time here is dislike from my 3 accounts for the Misleading title
@umerfarooq3121
3 жыл бұрын
Can you please make a tutorial on Laravel + React RestAPI with Authentication, google login etc.
@jonaldbalingit884
2 жыл бұрын
Hi! Is it possible to develop a working login form in front end if there is no 'user' implemented in the backend?
@zakariaziani6083
2 жыл бұрын
I think you can. I've read somewhere (React JS related) that you can use a fake database in your front end, not sure how that works but you can look it up.
@yoskokleng3658
3 ай бұрын
how about refresh token?
@AkashGadhiya
Жыл бұрын
you have use key in authcontroller ,but i am using 7.3 php verson, and key is not suppot in less then 8 , so what i use you have any idea
@prospersedgo3973
3 жыл бұрын
Great tutorial, i like it
@soy-luisarrieta
Жыл бұрын
Laravel API Authentication using *>>>>>COOKIES
@jesse_284
10 ай бұрын
handle function for setting bearer not working , can someone help?
@amatuluzma3828
3 жыл бұрын
$request->hearders->set('Authorization','Bearer'.$jwt); showing error: login route not found
@md.sajidulhaque9243
2 жыл бұрын
same here, I am also getting the same error, btw did u get the solution?
@jetsadaprasitsuwan1566
2 жыл бұрын
@@md.sajidulhaque9243 You have to add space after 'Bearer' like this 'Bearer '
@amatuluzma3828
2 жыл бұрын
No I didn’t get it right. But i guess this will work, $request ->headers->set('Authorization', 'Bearer'. ' '. $jwt); Let me know if it works.
@md.sajidulhaque9243
2 жыл бұрын
@@amatuluzma3828 and @Raclette Thanks to both of u, both of the solutions worked
@raihanhori912
3 жыл бұрын
Thank you so much sir
@chafiullahshuvo4759
2 жыл бұрын
When I send request to this login endpoint from the browser through PHP curl, the cookie is not added on the headers I guess because I get "unauthenticated" when I pulll the users but it works in POSTMAN perfectly.
@Proximity221
2 жыл бұрын
hi, running into the same issue.. did you manage to get this fixed?
@MrHarminto
5 ай бұрын
Thanks mate!
@jahdielcastaneda8728
2 жыл бұрын
vue app doesnt store cookie and chrome says cookie is froma different origin
@sovanrith4950
2 жыл бұрын
why store as cookie secure than storage ?
@kevinfrnando
2 жыл бұрын
Postman shows No cookie? any solve?
@gilgomes8122
3 жыл бұрын
Here in mine when I add Route :: middleware it gives the following eroo: ErrorException: Undefined array key 0 in file C:\xampp\htdocs\mop\admin\vendor\laravel\framework\src\Illuminate\Routing\Router.php on line 1287 can you help me?
@skytalawar8863
3 жыл бұрын
Please send the SS of api.php so can help you. Thanks
@EzeBranCerati
3 жыл бұрын
everything works fine, but it does not generate the cookie, neither in postman nor in the browser .. why?
@sonuojha5907
3 жыл бұрын
Install Postman Interceptor.
@TJVideos
3 жыл бұрын
Is there any tutorial with JWT auth in laravel woth UI?
@damiankowalski8541
2 жыл бұрын
I dont know if this is an unpopular opinion but I have never had so much trouble working with a framework. Laravel is too difficult, I'd rather work with pure PHP rather than waste time, most of the things explained here does not work. It's so annoying...
@fbb3006
2 жыл бұрын
This is not JWT Why you lie?
@karimselmouni5261
2 жыл бұрын
very very nice
@karisdft456
2 жыл бұрын
Thanks brother
@duongnt34
Жыл бұрын
This is Laravel Sanctum built in token not actually JWT. But thank you anw.
@AzizanMultazamAvicenna
11 ай бұрын
thanks, its work
@Moncef-Lak
2 жыл бұрын
at logout, you need to delete the token with "JWTAuth::setToken($token)->invalidate()"
@duongnt34
Жыл бұрын
as I can see, he uses laravel sanctum, not tymon's jwt-auth bro.
@jaspreetmaan121
Жыл бұрын
this is not jwt
@danielavalos2734
3 жыл бұрын
nice tutorial!! now, ¿how can I use this methods or APIS in an Android Studio with Kotlin? I suscribed
@saeidalidadi7579
11 ай бұрын
This is totaly wrong content about JWT token authentication.
@asus18019
3 жыл бұрын
we want more laravel + react
@ScalableScripts
3 жыл бұрын
You got this also if you haven't checked: kzitem.info/door/PLlameCF3cMEu3SGZ0K2kU5_q0BSF7uoAf
@ankitmakwana3141
2 жыл бұрын
@@ScalableScripts it says the link doesnt exists
@mecobrabo5590
3 жыл бұрын
great!
@ruhulamin8671
2 жыл бұрын
great ...
@user-qx4qy5lz4l
2 жыл бұрын
you save cookie on server ?
@ScalableScripts
2 жыл бұрын
It is stored on the frontend but it cannot used there, it will be used only in the backend
@MdTareq-hp8be
2 жыл бұрын
31:43 you put an space after Bearer but why you do that you didn't mention it in voice. I missed the comma and getting an error my half an hour time is lost😭
Пікірлер: 107