jwt-auth icon indicating copy to clipboard operation
jwt-auth copied to clipboard

Published 20 hours ago verified publisher icon PHP-Open-Source-Saver

fix: overwrite custom claims from token

Open plusnin-dev opened this issue 1 year ago • 2 comments

Description

There is a problem. When a user is authorized, his data is written to getJWTCustomClaims. But if the user changes them during the session, the data in the token remains old when the token is updated. The subsequent update takes the data from the token and overwrites the new user data. This causes the token to contain irrelevant data. If you exit the session and login again, the data is taken up to date.

public function getJWTCustomClaims()
    {
        return [
            'locale' => $this->locale ?? config('app.fallback_locale'),
        ];
    }

plusnin-dev avatar Jun 30 '23 16:06 plusnin-dev

lgtm, however could you please add a test with this scenario as well?

specialtactics avatar Feb 11 '24 09:02 specialtactics

Waiting for testing scenario to merge 👍

Messhias avatar Feb 12 '24 12:02 Messhias