I just tried your started kit and followed every step but after i run:

curl -X POST -F "email=johndoword=johndoe" "http://localhost:8001/auth/login"

I always get:
{"message":"not_found"}

Did i miss something?

This PoC should be converted to a composer package, so existing project can use this package.

I checked out the package, made no changes, connected to one of my existing databases and tested the following routes:

1. POST - api/auth/login - token got generated
2. DELETE - api/auth/invalidate - token invalidated
3. GET - api/auth/user - expired token yet gets the data properly

Isn't it supposed to say unauthorized?

@krisanalfa Using the fresh install, there's no listed routes after i ran php artisan route:list

Hi,

I am trying migrate the database and the set up throw following error

[Illuminate\Database\QueryException]
SQLSTATE[HY000] [2002] No such file or directory (SQL: select * from information_schema.tables where table_schema = homestead and table_name = migrations)

[PDOException]
SQLSTATE[HY000] [2002] No such file or directory

Please note my set up is not on homestead, I am using composer to set up the app.

Hi, after upgrading lumen-dingo-adapter to version 0.1.0, im getting this error

array_values() expects parameter 1 to be array, string given in LumenJWTServiceProvider.php (line 359)

I did the update because I had another error before when using 2 same routes endpoint with 2 different versions group in dingo api routing ;(

@krisanalfa I tried access to access api/auth/refresh from Postman collection you provided. But it says "Token has expired". Do I still need to configure something?

I am modifying this project to authenticate with a custom user table from a Microsoft SQL Database with different column names and where the password is saved with a different hashing algorithm.

Because of this scenario i would like to check the credentials by my self while avoid using eloquent, to generate the token. So far i have this in AuthController.php
$payload = JWTFactory::make($credentials); $token = JWTAuth::encode($payload);

Which generates a token although this method doesn't return a string (Is it normal?)

Now i think i need to authenticate the token so i had a look in the api.php inside routes folder
$api->group([ 'middleware' => 'api.auth', ], function ($api) {
The middleware part is responsible to check if the token is valid right? But where does this middleware points to? I am a newbie at both JWT and Dingo so any help will be appreciated.

I followed the instructions but when I run any kind of artisan command I get a ton of errors.

PHP Fatal error:  Maximum function nesting level of '256' reached, aborting! in /Users/yasinyaqoobi/Sites/lumen-jwt/vendor/laravel/lumen-framework/src/Application.php on line 575
PHP Stack trace:
PHP   1. {main}() /Users/yasinyaqoobi/Sites/lumen-jwt/artisan:0
PHP   2. Laravel\Lumen\Application->make() /Users/yasinyaqoobi/Sites/lumen-jwt/artisan:32
PHP   3. Illuminate\Container\Container->make() /Users/yasinyaqoobi/Sites/lumen-jwt/vendor/laravel/lumen-framework/src/Application.php:211
PHP   4. Illuminate\Container\Container->build() /Users/yasinyaqoobi/Sites/lumen-jwt/vendor/illuminate/container/Container.php:629
PHP   5. Illuminate\Container\Container->Illuminate\Container\{closure}() /Users/yasinyaqoobi/Sites/lumen-jwt/vendor/illuminate/container/Container.php:731
PHP   6. Laravel\Lumen\Application->make() /Users/yasinyaqoobi/Sites/lumen-jwt/vendor/illuminate/container/Container.php:230
PHP   7. Illuminate\Container\Container->make() /Users/yasinyaqoobi/Sites/lumen-jwt/vendor/laravel/lumen-framework/src/Application.php:211
PHP   8. Illuminate\Container\Container->build() /Users/yasinyaqoobi/Sites/lumen-jwt/vendor/illuminate/container/Container.php:629
PHP   9. ReflectionClass->newInstanceArgs() /Users/yasinyaqoobi/Sites/lumen-jwt/vendor/illuminate/container/Container.php:779
PHP  10. Laravel\Lumen\Console\Kernel->__construct() /Users/yasinyaqoobi/Sites/lumen-jwt/vendor/illuminate/container/Container.php:779
PHP  11. Laravel\Lumen\Application->prepareForConsoleCommand() /Users/yasinyaqoobi/Sites/lumen-jwt/vendor/laravel/lumen-framework/src/Console/Kernel.php:54
PHP  12. Laravel\Lumen\Application->make() /Users/yasinyaqoobi/Sites/lumen-jwt/vendor/laravel/lumen-framework/src/Application.php:759
PHP  13. Illuminate\Container\Container->make() /Users/yasinyaqoobi/Sites/lumen-jwt/vendor/laravel/lumen-framework/src/Application.php:211
PHP  14. Illuminate\Container\Container->build() /Users/yasinyaqoobi/Sites/lumen-jwt/vendor/illuminate/container/Container.php:629
PHP  15. Laravel\Lumen\Application->Laravel\Lumen\{closure}() /Users/yasinyaqoobi/Sites/lumen-jwt/vendor/illuminate/container/Container.php:731
PHP  16. Laravel\Lumen\Application->loadComponent() /Users/yasinyaqoobi/Sites/lumen-jwt/vendor/laravel/lumen-framework/src/Application.php:272
PHP  17. Laravel\Lumen\Application->make() /Users/yasinyaqoobi/Sites/lumen-jwt/vendor/laravel/lumen-framework/src/Application.php:566
PHP  18. Illuminate\Container\Container->make() /Users/yasinyaqoobi/Sites/lumen-jwt/vendor/laravel/lumen-framework/src/Application.php:211
PHP  19. Illuminate\Container\Container->build() /Users/yasinyaqoobi/Sites/lumen-jwt/vendor/illuminate/container/Container.php:629
PHP  20. Laravel\Lumen\Application->Laravel\Lumen\{closure}() /Users/yasinyaqoobi/Sites/lumen-jwt/vendor/illuminate/container/Container.php:731
PHP  21. Laravel\Lumen\Application->loadComponent() /Users/yasinyaqoobi/Sites/lumen-jwt/vendor/laravel/lumen-framework/src/Application.php:272
PHP  22. Laravel\Lumen\Application->make() /Users/yasinyaqoobi/Sites/lumen-jwt/vendor/laravel/lumen-framework/src/Application.php:566
PHP  23. Illuminate\Container\Container->make() /Users/yasinyaqoobi/Sites/lumen-jwt/vendor/laravel/lumen-framework/src/Application.php:211
PHP  24. Illuminate\Container\Container->build() /Users/yasinyaqoobi/Sites/lumen-jwt/vendor/illuminate/container/Container.php:629
PHP  25. Laravel\Lumen\Application->Laravel\Lumen\{closure}() /Users/yasinyaqoobi/Sites/lumen-jwt/vendor/illuminate/container/Container.php:731
PHP  26. Laravel\Lumen\Application->loadComponent() /Users/yasinyaqoobi/Sites/lumen-jwt/vendor/laravel/lumen-framework/src/Application.php:272
PHP  27. Laravel\Lumen\Application->make() /Users/yasinyaqoobi/Sites/lumen-jwt/vendor/laravel/lumen-framework/src/Application.php:566
PHP  28. Illuminate\Container\Container->make() /Users/yasinyaqoobi/Sites/lumen-jwt/vendor/laravel/lumen-framework/src/Application.php:211
PHP  29. Illuminate\Container\Container->build() /Users/yasinyaqoobi/Sites/lumen-jwt/vendor/illuminate/container/Container.php:629

This package is not working on Laravel Lumen 5.4, once you add this line inside your bootstrap > app.php in order to register the ServiceProvider:

$app->register(Zeek\LumenDingoAdapter\Providers\LumenDingoAdapterServiceProvider::class);

You will get this error stack:

ErrorException in Container.php line 1057:
Illegal offset type in unset
in Container.php line 1057
at Application->Laravel\Lumen\Concerns{closure}(2, 'Illegal offset type in unset', '/var/www/html/myApp/vendor/illuminate/container/Container.php', 1057, array('abstract' => array('Zeek\LumenDingoAdapter\Providers\SessionManager' => 'session'))) in Container.php line 1057
at Container->dropStaleInstances(array('Zeek\LumenDingoAdapter\Providers\SessionManager' => 'session')) in Container.php line 211
at Container->bind(array('Zeek\LumenDingoAdapter\Providers\SessionManager' => 'session'), object(Closure), true) in Container.php line 322
at Container->singleton(array('Zeek\LumenDingoAdapter\Providers\SessionManager' => 'session'), object(Closure)) in LumenJWTServiceProvider.php line 353
at LumenJWTServiceProvider->loadComponent(array('Zeek\LumenDingoAdapter\Providers\SessionManager' => 'session'), 'SessionManager') in LumenJWTServiceProvider.php line 84
at LumenJWTServiceProvider->registerSessionManager() in LumenJWTServiceProvider.php line 75
at LumenJWTServiceProvider->registerSessionServiceProvider() in LumenJWTServiceProvider.php line 49
at LumenJWTServiceProvider->registerJWTAuthDependency() in LumenJWTServiceProvider.php line 33
at LumenJWTServiceProvider->register() in Application.php line 172
at Application->register(object(LumenJWTServiceProvider)) in LumenDingoAdapterServiceProvider.php line 29
at LumenDingoAdapterServiceProvider->register() in Application.php line 172
at Application->register(object(LumenDingoAdapterServiceProvider)) in app.php line 104
at require('/var/www/html/myApp/bootstrap/app.php') in index.php line 14

Using Postman I authenticate John Doe:

http://websiteprogress.ca/uploads/20161025191157444.png

That works fine, but when I try to check the authenticated user by passing the token as a parameter:

http://websiteprogress.ca/uploads/20161025191453612.png

or via the header:

http://websiteprogress.ca/uploads/20161025191416698.png

I get an error: token_invalid.

Am I do something wrong?

I downloaded this project as my boilerplate, Im trying to deploy it on heroku but it wont work. It perfectly works on Local. I did all the things, needed. like creating the Procfile and everything. Have you ever tried deploying this on Heroku? I always get a error 500.

Hi

Could the library be updated to use lumen 5.4? Also it would be awesome if you could make a tutorial for how to configure a stock lumen installation with dingo + jwt i am willing to make a small donation to you if you could make this happen.

Best Regards

Hello @krisanalfa

I've reviewed the app.php, so, there were so many missing bootstrapping, thanks for the great work!

I could pass a token, and jwt.auth has worked, however, I got error when tried to /auth/login

MethodNotAllowedHttpException in RoutesRequests.php line 445:
in RoutesRequests.php line 445
at Application->handleDispatcherResponse(array('2', array('POST'))) in RoutesRequests.php line 381
at Application->Laravel\Lumen\Concerns\{closure}() in RoutesRequests.php line 624
at Application->sendThroughPipeline(array(), object(Closure)) in RoutesRequests.php line 382
at Application->dispatch(null) in RoutesRequests.php line 327
at Application->run() in index.php line 28

Mainly I will be using lumen for APIs, so I will not be logging into it, however its curiosity to know why its not working.. I think I have to dig more in the lumen& laravel architecture, do you know good resources links?

Hi @krisanalfa, this is probably a me issue not an issue with your project so I'm more asking for your assistance really.

I am creating an API for an existing user base where I had passwords stored with separate hashes. After searching around I believe I found the correct way to resolve this by creating my own hashing service provider that calls my own hashing class, that class extends the default bcrypthasher class and replaces the check method. I registered the service in the bootstrapp/app.php file. If I debug I can see the correct class exists in the service container bound to "hash". However when i post to auth/login always the original check function runs, not my function. What am I missing? Is the hash service being called from some not obvious location in this package?

My code for you

// TransitionalHasher.php

<?php namespace App;

use Illuminate\Support\Facades\Hash;

class TransitionalHasher extends \Illuminate\Hashing\BcryptHasher {

    public function check($value, $hashedValue, array $options = array())
    {
        // If check fails, is it a hash from a previous version?
        if ( !password_verify($value, $hashedValue) )
        {
            // Attempt to match user using previous version hash check
            // $user = foo;

            if ($user)  // We found a user with a matching hash
            {
                // Update the password to Laravel's Bcrypt hash
                $user->password = Hash::make($value);
                $user->save();

                // Log in the user
                return true;
            }
        }

        return password_verify($value, $hashedValue);
    }

}

My service provider:

// TransitionalHashServiceProvider.php

<?php namespace App\Providers;

use Illuminate\Support\ServiceProvider;
use App\TransitionalHasher;

class TransitionalHashServiceProvider extends ServiceProvider {

    /**
     * Indicates if loading of the provider is deferred.
     *
     * @var bool
     */
    protected $defer = true;

    /**
     * Register the service provider.
     *
     * @return void
     */
    public function register()
    {
        $this->app->singleton('hash', function () {
            return new TransitionalHasher;
        });
    }

    /**
     * Get the services provided by the provider.
     *
     * @return array
     */
    public function provides()
    {
        return ['hash'];
    }

}

and finally register in bootstrap/app.php

$app->register(App\Providers\TransitionalHashServiceProvider::class);

i tray to route a route using my access-token but i got this exception
Lumen 5.3
OAuth2

thanks you

Your requirements could not be resolved to an installable set of packages.

Problem 1
- The requested package illuminate/routiminate/hashingng could not be found in any version, there may be a typo in the package name.
Problem 2
- The requested package illu could not be found in any version, there may be a typo in the package name.

Potential causes:

• A typo in the package name
• The package is not available in a stable-enough version according to your minimum-stability setting
  see https://getcomposer.org/doc/04-schema.md#minimum-stability for more details.

Read https://getcomposer.org/doc/articles/troubleshooting.md for further common problems.

Not an issue, just to indicate that maybe this package would fit well in the bundle
https://github.com/barryvdh/laravel-cors

Hi
I just want to update the password for my users. I do not know how can I do it.
I searched a lot in your codes but I could not find the method or peace of code for hashing password.
Is there anyway to know how can I do it ?

thanks a lot for your helping

update to Lumen 5.6

I've downloaded the package, and I'm trying to create an API with it. But when it comes to validations e.g. users registration, it throws this object
{ "message": "The given data failed to pass validation.", "status_code": 500 }

while the official lumen throws this object with relevant errors
{ "name": [ "The name field is required." ], "email": [ "The email field is required." ] }

And here is my validation code in UsersController.php at store method
$validation = $this->validate($request, [ 'name' => 'required', 'email' => 'required' ]);

So, what is missing here to throw this general message?

Thanks and more thanks. 👍

I have pushed the code to a linux machine and it always throws this error 'invalid_credentials'. (I did seed the database correctly. )

Hello Master

I hope you 're well, i have a little question about how should do the get test, so now i´m using Postman, where in headers i have Key=Authorization and value= Bearer with the token, for example:

TESTING /auth/login

POST TO ...../auth/login

Headers
Key=Accept
value=application/json

Body
Key=email
value=[email protected]
Key=password
value=johndoe

The result is Status: 200 OK
{
"success": {
"message": "token_generated",
"token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOjEsImlzcyI6Imh0dHA6XC9cL2xvY2FsaG9zdDoxMDAwMFwvZ3BpdEJhY2tlbmRcL3B1YmxpY1wvYXV0aFwvbG9naW4iLCJpYXQiOjE0NjA0Mjg4MTYsImV4cCI6MTQ2MDQzMjQxNiwibmJmIjoxNDYwNDI4ODE2LCJqdGkiOiI4YzM2N2E3OTdlZTZjMjRmMTUwOGM4M2Y5ZDEzMWRlNyJ9.T4g9FGEAW___ki5xBrBT-k6YZqdmt1lvYH39vi7SVLw"
}
}

TESTING /user

GET TO ....../user
Headers
Key=Authorization
value=Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOjEsImlzcyI6Imh0dHA6XC9cL2xvY2FsaG9zdDoxMDAwMFwvZ3BpdEJhY2tlbmRcL3B1YmxpY1wvYXV0aFwvbG9naW4iLCJpYXQiOjE0NjA0Mjg4MTYsImV4cCI6MTQ2MDQzMjQxNiwibmJmIjoxNDYwNDI4ODE2LCJqdGkiOiI4YzM2N2E3OTdlZTZjMjRmMTUwOGM4M2Y5ZDEzMWRlNyJ9.T4g9FGEAW___ki5xBrBT-k6YZqdmt1lvYH39vi7SVLw

The result is Status: 400 Bad Request
{
"error": "token_invalid"
}

i hope you can help us, thank for your time

Update to lumen 5.5

Hi,

First thank you for this package which makes our life much easier :)

I would like to know if there is a method to get the curren authenticated user but return false if not.

I tried :

$user = JWTAuth::parseToken()->authenticate()

But this is returning a response :

{ "message": "The token could not be parsed from the request", "status_code": 500 }
I would like to return true if there is the token match an user and false in any case else.

Any help ?

Thank you.

Sometimes my api based on your project gives the following error "Oops something went wrong 404 not found" but doesn´t happen always it seems to happen when the api is under stress from several requests.

Any idea what might be caused this issue?

Best Regards
Stéphane

Hi @krisanalfa,

First I congrantulate you for the great work, this project save me a lots of time.

I've modified ttl property with value of 1 (1 minute to expiration) in config/jwt.php, but jwt generated continue with default value (60 minutes).

How can I solve this issue?

Thanks for all.

Sorry but just had a question regarding the API.

I see that there is /auth and then /login. I use the auth request to get a token and expiry date but then do a login after the auth request to get the users details.

Why would i want to use the /login if i was already authenticated from the /auth request? In the auth request i can return the user details.

If there is a reason then i would love to know why.

Thanks

Since I updated to newest laravel 5.4.* I get this error. From what I've seen you are not using session to store but it still uses that class and it was removed from lumen newest version.

I am new to lumen so it might be a noob question.
I followed all the steps for installing but whenever I run php artisan serve OR php -S localhost:8000 -t public/
I get this error: Directory C:\wamp64\www\lumen-jwt/public/ does not exist.
I have checked the write permissions as well as htaccess. Both are correct.
I have also checked changing the path for public directory but that might not be the case here. So please if anybody have a solution please share!
Thanks

On a fresh install of this package, the command :

php artisan route:list

does not list the routes, the routes are empty.

Any solution ?

Hello,

I try to integrate your plugin into Lumen 5.2, it seems work fine, except it allows invalid credentials.

When I send a request to /auth/login with email "[email protected]" and password "ajsdoijsa" it returns a valid token

{"success":{"message":"token_generated","token":"eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOjEsImlzcyI6Imh0dHA6XC9cL3BsYW50bWFuYWdlci1hcGkuZGV2XC9hdXRoXC9sb2dpbiIsImlhdCI6MTQ2NDM1NTkzNiwiZXhwIjoxNDY0MzU5NTM2LCJuYmYiOjE0NjQzNTU5MzYsImp0aSI6ImI1YmY4OTNhOTUyZGQwMDZiZWIxODFmMTkyNGEwMTJjIn0.3PhVhypGwegsH_2yNTeTMvDRqQApnakd6zaWsRJEC8I"}}

I was trying to determinate the problem, and it seems the error is somewhere around ApiGuard and TokenGuard.

ApiGuard:

    public function __construct(UserProvider $provider, Request $request)
    {
        $this->request = $request;
        $this->provider = $provider;
        **$this->inputKey = app('config')->get('auth.guards.api.identifier');
        $this->storageKey = app('config')->get('auth.guards.api.password');**
    }

TokenGuard validate function convert credentials:

    public function validate(array $credentials = [])
    {
        $credentials = [$this->storageKey => $credentials[$this->inputKey]];

        if ($this->provider->retrieveByCredentials($credentials)) {
            return true;
        }

        return false;
    }

so the output of the above will be:

['password' => '[emailaddress that I send]']

thus credentials does not match anything in EloquentUserProvider, cause it filter items with key 'password':

    public function retrieveByCredentials(array $credentials)
    {
        if (empty($credentials)) {
            return;
        }

        // First we will add each credential element to the query as a where clause.
        // Then we can execute the query and, if we found a user, return it in a
        // Eloquent User "model" that will be utilized by the Guard instances.
        $query = $this->createModel()->newQuery();

        foreach ($credentials as $key => $value) {
            if (! Str::contains($key, 'password')) {
                $query->where($key, $value);
            }
        }

        return $query->first();
    }

Could you help me what am I missing?

Hi friend, your package is great, can you add Redis broadcast support for real time?

Hi,

My project was working perfectly on my local server but not when i make it online.

I can login successfully but after that, each request receive a 401 error like the token is not right but it is there and it's right. I tried to run a local server on my server and send some curl request locally it is working.

What could be the problem ?

Thank you.

Can you add Dingo and Cors with it to make it complete package,

Hi I have a question, as I can change where I store the token.
to test the previous token is still valid , if more than one application command to start validating previous session tokens.
Excuse my English

Hey! I just used your boilerplate and tried the /api/auth/invalidate route but it throws internal 500. And yes, I got it using the given Postman collection. I get the status code 200 in tests.

The api/auth/refresh gives also internal 500 and tests says that:

There was an error in evaluating the test script: SyntaxError: Unexpected end of JSON input

Awesome boilerplate btw. Although it would be awesome if it contains /api/auth/register also.
Any fix to hope soon?

When trying to authenticate:

localhost/lumen_jwt/public/index.php?token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOjEsImlzcyI6Imh0dHA6XC9cL2xvY2FsaG9zdFwvbHVtZW5fand0XC9wdWJsaWNcL2F1dGhcL2xvZ2luIiwiaWF0IjoxNDU3ODgxMjIwLCJleHAiOjE0NTc4ODQ4MjAsIm5iZiI6MTQ1Nzg4MTIyMCwianRpIjoiODdmZWZjMTllMjE5NDE4ODQ1MzMyMzdjM2Q0Y2ZmN2YifQ.APXdnsMgMrlxgnGNbxnbPoboKPKpNmmS6Ta-MPwrehY

Got this error :

/opt/lampp/htdocs/lumen_jwt/vendor/monolog/monolog/src/Monolog/Handler/StreamHandler.php on line
87

Hehe. Lol. It happens because i'm new to laravel/lumen.

solution :
Change the cache driver in .env from memcached to file.

CACHE_DRIVER=file

Big thanks for @krisanalfa it's really works and help me a lot.
Also greetings from bekasi.

the api's driver is not defined i don't no way, please someone help me

Trying to Refresh a token returns "Invalid token":
Fixed when I remove the refresh rout from the api.auth middleware group:

 $api->group([
        'middleware' => 'api.auth',
    ], function ($api) {
        $api->get('/', [
            'uses' => 'App\Http\Controllers\APIController@getIndex',
            'as' => 'api.index'
        ]);
        $api->get('/auth/user', [
            'uses' => 'App\Http\Controllers\Auth\AuthController@getUser',
            'as' => 'api.auth.user'
        ]);
        $api->patch('/auth/refresh', [
            'uses' => 'App\Http\Controllers\Auth\AuthController@patchRefresh',
            'as' => 'api.auth.refresh'
        ]); // REMOVED THIS FROM THE GROUP AND LEFT IT UNPROTECTED, OR ELSE TOKEN WOULD NOT BE REFRESHED
        $api->delete('/auth/invalidate', [
            'uses' => 'App\Http\Controllers\Auth\AuthController@deleteInvalidate',
            'as' => 'api.auth.invalidate'
        ]);
    });

I can use swagger? And how can i install swagger?

If I override auth.php in config directory of lumen installation, then this;

    'providers' => [
        'jwt' => [
            'driver' => 'eloquent',
            'model' => App\User::class,
        ],
    ],

is still coming from package's config/auth.php file.

Now when i try to run the second curl command to try to login with the token generated by the first command i always get this error