How to use token authentication in laravel web page

Question

I am trying to use JWT for laravel web page instead of session. so I made some changes.

1. Installed jwt-auth and configure

2. Then changed default guard as api in config/auth.php

   'defaults' => [
       'guard' => 'api',
       'passwords' => 'users',
   ],
   
   'guards' => [
       ...
   
       'api' => [
           'driver' => 'token',
           'provider' => 'users',
       ],
   ],
   

Now I am getting error

(1/1) FatalErrorException Call to undefined method Illuminate\Auth\TokenGuard::attempt() in AuthenticatesUsers.php (line 75)

How to fix this and start token authentication for laravel web page(blades not API).

Answer 1

I found the solution here : https://github.com/tymondesigns/jwt-auth/issues/860

In /routes/api.php - added a few basic authentication routes

Route::post('login', 'Auth\LoginController@login');

Route::get('/user', function (Request $request) {
    $user = $request->user();
    return dd($user);
})->middleware('auth:api');

In /app/http/Controller/auth/LoginController.php

and then override methods in login contoller

public function login(Request $request)
{
    $credentials = $request->only(["email","password"]);
    if ($token = $this->guard()->attempt($credentials)) {
        return $this->sendLoginResponse($request, $token);
    }

    $this->incrementLoginAttempts($request);
    return $this->sendFailedLoginResponse($request);
}

protected function sendLoginResponse(Request $request, $token)
{
    $this->clearLoginAttempts($request);

    return $this->authenticated($request, $this->guard()->user(), $token);
}

protected function authenticated(Request $request, $user, $token)
{
    setcookie("jwt_token", $token);
    return redirect('/');
    return response()->json([
        'token' => $token,
    ]);
}

protected function sendFailedLoginResponse(Request $request)
{
    return response()->json([
        'message' => "not found",
    ], 401);
}

Adding middleware AddToken

public function handle($request, Closure $next)
{
    $token = isset($_COOKIE["jwt_token"])?$_COOKIE["jwt_token"]:"";
    //$request['token'] = $token;//this is working
    $request->headers->set("Authorization", "Bearer $token");//this is working
    $response = $next($request);
    //$response->header('header name', 'header value');
    return $response;
}

Register middleware in Kernel.php

 protected $middleware = [
    ....
    \App\Http\Middleware\AddToken::class,
];

Answer 2

I'm also using jwt protecting our api. You should change your config like below:

'defaults' => [
    'guard' => 'api',
    'passwords' => 'users',
],

'guards' => [
    ...

    'api' => [
        'driver' => 'jwt', // KEY POINT!!!
        'provider' => 'users',
    ],
],

Make sure the jwt library installed correctly:

1. Tymon\JWTAuth\Providers\LaravelServiceProvider::class is added in your config/app.php.

2. Your user model implements JWTSubject interface if you use eloquent model in your provider.