Hi I am using angular js in front end with satellizer and laravel at backend with tymon jwt library. I am using jwt authentication. I want to make remember me functionalities in my web app. I see 'ttl' to set expiry time of token in laravel 'config/jwt.php.
/*
|--------------------------------------------------------------------------
| JWT time to live
|--------------------------------------------------------------------------
|
| Specify the length of time (in minutes) that the token will be valid for.
| Defaults to 1 hour
|
*/
'ttl' => 60,
By default, it will be 1 hour. But I want to change this dynamically to 1 week if user clicks remember me while login. How can I change it dynamically. Thank you.
You can add exp as a custom claim as follows: $token = JWTAuth::attempt($credentials, ['exp' => Carbon\Carbon::now()->addDays(7)->timestamp]); The code above creates a token that expires in 7 days time.
As you said, the expiry time in a JTW is set when the JWT is generated and signed. You cannot change an existing token, e.g. by changing the expiry time, because after the change, the signature would not be correct anymore.
In short, you need to use REFRESH_TOKEN when ACCESS_TOKEN expires to get a new ACCESS_TOKEN. JWT has two kind of tokens: ACCESS_TOKEN and REFRESH_TOKEN.
You can add exp
as a custom claim as follows:
$token = JWTAuth::attempt($credentials, ['exp' => Carbon\Carbon::now()->addDays(7)->timestamp]);
The code above creates a token that expires in 7 days time. You don't have to use Carbon
it just requires a Unix timestamp, I've used Carbon
here for simplicity since its built into Laravel.
You can use JWTFactory
(1.0 version)
$myTTL = 30; //minutes
JWTAuth::factory()->setTTL($myTTL);
$token = JWTAuth::attempt($credentials);
You can do following to generate JWT token with needed expire time:
JWTAuth::customClaims(['exp' => Carbon\Carbon::now()->addDays(2)->timestamp])
->fromUser($user);
I'm not 100% sure, but what happens if you set within your AppServiceProvider@register
the config:
config()->set('jwt.ttl', 60*60*7);
or with a facade:
Config::set('jwt.ttl', 60*60*7);
Why would you set it dynamically? Or do you not use the publishing from the config (it's not publishing the config/jwt.php
)?
EDIT:
Another solution would be to set it through your .env
file:
config/jwt.php
// set the default TTL to one week if the .env file does not contain a `JWT_TTL` var
'ttl' => env('JWT_TTL', 60*60*7),
And within .env
:
JWT_TTL=3600
None of the above answers worked for me. I managed to get it working like this.
$ttl_in_minutes = 60*24*100;
// The parameter passed to the auth helper should match what is present in config/auth.php
if($request->input('remember')) auth('api')->factory()->setTTL($ttl_in_minutes);
Tymon JWT v 1.0
you can override default ttl when attempting to login user:
if (! $token = auth()->setTTL(1)->attempt($credentials)) {
return response()->json(['message' => 'Unauthorized user'], 401);
}
Override the token ttl without any changing in config/jwt.php
$token = auth()->setTTL(7200)->attempt($credentials);
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With