UPDATE FOR LARAVEL 6.0+: I've seen a few comments about the above video not working in Laravel 6. There was a discussion and back-and-forth on the GitHub repo about this, and there seems to be a stable solution out there now. Run "composer require tymon/jwt-auth ^1.0.0" from your project root or update your composer file directly to reflect using version ^1.0.0 of tymon/jwt-auth.
@aschmelyun
4 жыл бұрын
If this doesn't work for you, please let me know!
@philipjfry4465
4 жыл бұрын
Trying to install ^1.0.0 throws "Could not find package tymon/jwt-auth in a version matching 1.0.0" But 1.0.0-rc.5.1 works fine
@ih4722
4 жыл бұрын
Where is the GitHub repo?
@MrAKGarg007
4 жыл бұрын
composer require tymon/jwt-auth ^1.0.0, This works like charm till date Laravel 6.2 . Thanks for your comment Andrew, just saved some debugging time. :)
@TJVideos
3 жыл бұрын
@@ih4722 did u find it??
@blackcrow9876
5 жыл бұрын
Finally somebody that speaks English.
@MarceloSilva-bs7nu
3 жыл бұрын
bull shit!
@Deepankarsingh1993
5 жыл бұрын
Thank you, finally someone have explained the jwt process in a way that a beginner can understand
@bulldog2024
4 жыл бұрын
That is so much easier and quicker than trying to setup passport. Great video.
@jean-davynizigama5019
4 жыл бұрын
Finally something other than passport. You're a hero 🙏🙏🙏
@ariamustofa
4 жыл бұрын
Thank you very much for your video @Andrew.
@Devdojo
5 жыл бұрын
This is a great video! Thanks for creating it :)
@fadilrahadiansyah4223
3 жыл бұрын
this is i needed the most, need to make default guard web, but need API auth thanks !
@aminraeisi
5 жыл бұрын
Can you please explain the process of when how do we use the refresh token? for example if I have a react native app that consumes the API then after the login, I am going to use the token that I got in first login and won't know if it is expired or no. Do I have to always check if token is expired so that I call the refresh() method or am I missing something?
@arnabjisit
2 жыл бұрын
Thank you @Andrew, this is really helpful for new learners like me..
@aseemlalfakawma5084
5 жыл бұрын
Great resource, thank you for this great explanation and example of JWT tokens.
@flayshon
4 жыл бұрын
9:48 How are you able to use the login route without declaring it in the routes/api.php file? I had to create one myself for the login to work Route::post('/login', 'Api\Auth\LoginController@login'); Edit: Okay, I can see the route at 11:28. Declaration must have been edited out by accident lol
@mateoborrazas27
4 жыл бұрын
Same happened to me broooo
@migfus-codes
3 жыл бұрын
If the token refresh, will it reset the expiration time?
@theretroman3862
4 жыл бұрын
Very complicated indeed... hopefully some day I will be able to do this shit!
@akashpatel7902
5 жыл бұрын
Great jwt example thanks man...
@mahmoudakoobah5505
3 жыл бұрын
Thx, Very helpful tutorial, and it's working on Laravel 8
@awaisfiaz8186
5 жыл бұрын
Those who are facing this issue after moving the controller to /Api FatalErrorException: Class App\Http\Controllers\Api\Controller; not found in file change the name space above Controller.php namespace App\Http\Controllers; ------> namespace App\Http\Controllers\Api;
@jiromesbaril9899
4 жыл бұрын
Life saver! Thanks!
@jayantrawat5961
Жыл бұрын
Just I out curiosity, I want to know why you didn't put the whole code, inside try, while creating post? I use to put whole things inside try and the catch if there any error. Any specific reason for that??
@arturoatencio1433
4 жыл бұрын
Hi, I do have a few questions, if you dont mind. At 7:30 when you just create a new login controller inside the api/auth folder, it creates a very basic scaffolded controller, so when you start building the login function, it has nothing else than the scaffolded lines. What I had before watching this video, was a copy-pasted login controller generated from the artisan make::auth and tried to customize it. But it requieres to user the `use AuthenticatesUsers;` at the very first line of the class, so I followed the rest of the tutorial and everything works just fine, But if I remove this line "use AuthenticatesUsers;" it stops working, even when on the video, you are not using this. Secondly, when you just copied the Controller.php inside the /api folder at 9:06, you forgot to fix the namespace, so Im wondering how is that it works. But bro, so many thanks. This just helped me a LOT!!
@carnalito80
4 жыл бұрын
Did you get it to work? There are the issues you mentioned, which i fixed but it still doesnt work.
@KistlakRajapakshaSevenNet
4 жыл бұрын
Thank You Very Much Bro !! :D But, one thing.. I successfully created a token in one of the applications in cloud hosting. But, another app that is in the same cloud hosting returns true for JWT instead of a token. How can I Fix this ??
@soultouchingsongs
3 жыл бұрын
Awesome tutorial. Subscribed👍
@hamaadchaudhry5393
Жыл бұрын
can we use this package for authentication of our private channels for Laravel websockets
@zaqueuorlando801
Жыл бұрын
I am not getting it Please can you provide the soruce code cause i can see dumplecated auth folder i am its just confusing
@charlespitagan8241
4 жыл бұрын
Hello Andrew , I love your tutorials. Please make a video for protecting the routes in vue-router. Thank you!
@aschmelyun
4 жыл бұрын
Coming soon!
@mediontamginskii5889
3 жыл бұрын
Nice Job!!! It was very helpfull!!!
@thamerbelfkih6593
4 жыл бұрын
thank you for this tutorial, just I want to point out that the try/catch for the authentication user is a best use case to use Laravel middleware instead of putting it within a method in the controller
@aserlink
3 жыл бұрын
Works perfectly with laravel 8.* .. thanks sir
@Desmait
3 жыл бұрын
Hi, what are you storing in db, only login email and token?
@aserlink
3 жыл бұрын
@@Desmait The only fields you're storing in the Db are Email and Password that you use to generate the token. After generating it, you dont store it in the database since Jwt will automatically check and verify it. If you are building a mobile application, you can save this token in shared preferences and then attach it to every request.
@Desmait
3 жыл бұрын
@@aserlink i just can't understand how to properly do registration function in controller(in case with jwt). Can you please provide some example? Thanks
@aserlink
3 жыл бұрын
@@Desmait The registration function remains the same whether with jwt or not. You simply receive your registration fields and save them in the database. Jwt comes in during login at the login function...that is where you change from session to Jwt as explained in this tutorial. If you follow the tutorial step by step, you will manage to get it up and running.
@Desmait
3 жыл бұрын
@@aserlink Thanks a lot, managed to do this but now i'm having problems with cors xD
@user-el8gf3ly4g
2 ай бұрын
how to use jwts with mongodb in laravel10 ?
@aminraeisi
5 жыл бұрын
Thanks! This really helped.
@pratik8787
3 жыл бұрын
tymon/jwt-auth is not compatible with php8. Can you advice any other jwt package?
@hermanheunis9354
2 жыл бұрын
Package repo is shifting to PHP-Open-Source-Saver / jwt-auth . It is compatible with Laravel 8 and Php8.0. I tried it and it works.
@flayshon
4 жыл бұрын
Just a heads up: if you put that try-catch in the parent class function and it throws an the UserNotDefinedException, the "return $user->posts" statement in the PostsController will throw another exception, because it expects $user to be an instance of App\User, but the authUser() method will return a JsonResponse with an error message. The refresh method try-catch needs to catch \Tymon\JWTAuth\Exceptions\JWTException too. It will be thrown if you try to /refresh without using any token.
@dennisbarnaja1708
3 жыл бұрын
Thanks
@keyjeyelpi
4 жыл бұрын
Great, you applied it. How about making a vid where you apply on the laravel routes?
@bulldog2024
4 жыл бұрын
How would I go about adding custom claims to the jwt such as roles, etc?
@R055Cuk
3 жыл бұрын
I have the same question
@bastiyanrodrigo9951
4 жыл бұрын
I got one question with this method of copying the main controller. How does this respond to core updates?
@prashantjani2963
2 жыл бұрын
can anyone tell me how auth()->attempt($creds) generated token?
@PathOfDamn
4 жыл бұрын
Does refreshing the token invalidates all other tokens that the user may have generated?
@ashishbhardwaj9760
3 жыл бұрын
Hi, Andrew nice tutorial about jwt token. I've implemented it successfully. Thanks I'll like your vscode theme and vscode font, color-code. Will u pls share these settings of vscode?? Thanks in advance...
@maciej_s
5 жыл бұрын
Hi, great vid! How would you persist the JWT on the client? Let's say decoupled VUE.js app. I am looking to achieve high level of security.
@manuelli_sebastian
2 жыл бұрын
Awesome, thank you.
@ahmedbh8837
4 жыл бұрын
you the best bro thx
@sleepydev4700
4 жыл бұрын
this is a great tutorial, but can you tell me why it was return token: true if we did not setdefaultdriver to api thanks in advance
@calixtus019
5 жыл бұрын
how to change the content-type of request form-data in application/json?
@MrAKGarg007
4 жыл бұрын
Hi, How I can use jwt for another model except user? Like auth guard ?
@lingting9790
3 жыл бұрын
how to implement with change/update password checking old password ?
@kunalsachdeva9059
3 жыл бұрын
How can I make sure the token is device specific - I just don't want user to use the token generated on website to use inside postman request? Also, I want user to have only one active token at one time, so if he tries to login on new device then I want old token to be revoked, how can we do this? Please explain this as well. Thanks in Advance
@scottpurdie3598
4 жыл бұрын
I would love to see this updated for 6.x Laravel.
@aschmelyun
4 жыл бұрын
Taylor Otwell is planning a package to simplify this soon, you can count on a new video when that drops! In the meantime, most of this should work for 6.x but I'll go through and make sure of it!
@GinishaVibes
4 жыл бұрын
How to do it without database. Like just an cahche
@NoahNobody
4 жыл бұрын
I'm quite new to the Laravel scene. Would this also work for Lumen?
@Brianle180
5 жыл бұрын
Hi, Your approach to create the new controller and set the default driver for auth work like a charm for me. But can you let me know why we cannot use something like middleware('auth:api') in the group routes at the api.php? (actually I tried and fail since auth()->attempts() just return boolean instead of token key ). Moreover, Is there anyway to know which is the current default driver???
@aminebenkhouya7295
5 жыл бұрын
you should use jwt.auth middleware.
@raufhashimov241
4 жыл бұрын
This code from this video tutorial is not working well.
@ifrashable
5 жыл бұрын
but how to refresh when its expire?
@TheMarvelsWorld
4 жыл бұрын
JWT works without auth?
@fahmyizzuddin9849
5 жыл бұрын
Can you help me why hit this type of error "Interface 'Tymon\\JWTAuth\\Contracts\\JWTSubject' not found"
@aschmelyun
5 жыл бұрын
What's the version number for jwt-auth listed in your composer.json file?
@fahmyizzuddin9849
5 жыл бұрын
@@aschmelyun i'm using the latest version 1.0.0-rc.4.1
@easyvideott7505
3 жыл бұрын
Hi Andrew, can you explain in short in plain english how would an external app consume that api.... it sends the credentials on login and in response it gets the token.... and then what? For example if this would be done with guzzle... you need to somehow have that token in all consecutive requests.... and that's the part that I'm missing/don't understand.
@sureshkukumati6526
3 жыл бұрын
Thank you sir 👍
@ellgibug
4 жыл бұрын
Thanks for tutorial) PS I think it better to make middleware, not try ... catch in every method %)
@ih4722
4 жыл бұрын
Can someone share the link to the GitHub repo PLEASE.
@prianasaputra7583
2 жыл бұрын
Thanks
@alexios4392
4 жыл бұрын
So where are you gonna keep this token on fronted?
@aschmelyun
4 жыл бұрын
If I'm using Vue, I'll keep it in the state management (Vuex). Otherwise, localstorage isn't a bad option either.
@ahmedmarzouk5126
4 жыл бұрын
Thank you very much for your efforts. I have a question please. When using this way of authentication without sending client_id and client_secret to get the access token, Does this mean that any application on the internet can use my API ? If yes, is it safe? Thank you!
@premkantsahu7816
3 жыл бұрын
Getting token:false My credentials are fine...
@jhoanborges6574
3 жыл бұрын
Genius.
@subhadipghorui2216
4 жыл бұрын
How to logout the user ??
@aschmelyun
4 жыл бұрын
You would use auth()->logout(). See more from the documentation here: jwt-auth.readthedocs.io/en/develop/auth-guard/#logout
Пікірлер: 91