jwt-auth
Lumen handling jwt exception
I've set up JWT in the Lumen framework based on this article: www.akaita.com/post/json-web-token-authentication-for-lumen-5-tymon-jwt-auth/
But I cannot handle JWTExceptions: when my token is invalid, the application throws an AuthorizationException and does not throw JWTExceptions.
I think Lumen support is not of much priority on the package
@alihasanzaade I'm using Lumen 5.5 and everything is working as expected. Check this issue #1353 😉
I am using
    "php": ">=7.0.0",
    "fideloper/proxy": "~3.3",
    "laravel/framework": "5.5.*",
    "laravel/tinker": "~1.0",
    "tymon/jwt-auth": "1.0.0-rc.1"
It worked here. Add the following code to the render method within app/Exceptions/Handler.php:

    public function render($request, Exception $e)
    {
        if ($e instanceof \Symfony\Component\HttpKernel\Exception\UnauthorizedHttpException) {
            return response()->json([$e->getMessage()], $e->getStatusCode());
        }

        return parent::render($request, $e);
    }
Has anyone been able to find a solution to issue #1003 ?
@bernard-murunga check my comment here, it's what you're looking for: https://github.com/tymondesigns/jwt-auth/issues/1353#issuecomment-345805157
@jgrossi Sorry, but your solution doesn't work for me. The only response I still get is status code 401 from the Authenticate middleware.
@bernard-murunga you must change how you handle exceptions. Did you update your Handler.php class? That's the file you're gonna change to handle the AuthorizationException. What's happening on the Authenticate middleware is correct, it's throwing the exception, just that. Now you have to deal with it in your Handler.php file.
Here you find an example of the render() method. Attention to the $this->isJwtException() method:
    public function render($request, Exception $exception)
    {
        if ($response = $this->isJwtException($exception)) {
            return $response;
        } elseif ($exception instanceof ModelNotFoundException) {
            return response()->json([
                'message' => sprintf(
                    "Resource not found: [%s]",
                    $this->retrieveResource($exception)
                ),
            ], 404);
        }

        return parent::render($request, $exception);
    }
And finally the isJwtException() method:

    private function isJwtException(Exception $e)
    {
        if ($e instanceof UnauthorizedHttpException) {
            if ($e->getPrevious() instanceof TokenExpiredException) {
                return response()->json(['token_expired'], $e->getStatusCode());
            } elseif ($e->getPrevious() instanceof TokenInvalidException) {
                return response()->json(['token_invalid'], $e->getStatusCode());
            }
        }

        return null;
    }
I know it has been a long time since this error was shown; I am currently learning to use Laravel Lumen in version 10:
{
    "php": "^8.1",
    "guzzlehttp/guzzle": "^7.7",
    "laravel/lumen-framework": "^10.0",
    "tymon/jwt-auth": "^2.0"
},
I am developing Lumen as an API so it is important that the response is in json format. When trying to enter an auth middleware path with jwt, I noticed that it does not run the ExceptionHandler and that the response is only:
'Unauthorized'
401
We know that the Middleware is the one who intercepts the requests, in this case it would be the App\Http\Middleware\Authenticate. In the handle method we find the following:

    public function handle($request, Closure $next, $guard = null)
    {
        if ($this->auth->guard($guard)->guest()) {
            return response('Unauthorized.', 401);
        }

        return $next($request);
    }
In this case, to give a simple example, I would repackage it by a JSON response in the conditional of the guard:

    public function handle($request, Closure $next, $guard = null)
    {
        if ($this->auth->guard($guard)->guest()) {
            return new \Illuminate\Http\JsonResponse([
                'error' => 'Unauthorized',
                'code' => 401
            ], 401);
        }

        return $next($request);
    }
And so, basically by modifying the middleware, I now have the following response in JSON format:

    {
        "error": "Unauthorized",
        "code": 401
    }
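
The approaches in this thread combined into one middleware, as an added example that is not code from the thread or from tymon/jwt-auth: it asks the library to validate the token itself, so each failure maps to a fixed JSON error code instead of a plain-text 401 or a raw exception message. The class name JsonJwtAuthenticate, the token_absent and user_not_found codes and the WWW-Authenticate header are assumptions, as is a registered jwt-auth service provider.

```php
<?php

namespace App\Http\Middleware;

use Closure;
use Illuminate\Http\JsonResponse;
use Tymon\JWTAuth\Exceptions\JWTException;
use Tymon\JWTAuth\Exceptions\TokenExpiredException;
use Tymon\JWTAuth\Exceptions\TokenInvalidException;
use Tymon\JWTAuth\JWTAuth;

// Hypothetical middleware name; not part of Lumen or tymon/jwt-auth.
class JsonJwtAuthenticate
{
    private $jwt;

    public function __construct(JWTAuth $jwt)
    {
        $this->jwt = $jwt;
    }

    public function handle($request, Closure $next)
    {
        try {
            // parseToken() throws JWTException when the request carries no token;
            // authenticate() throws on an expired or invalid token and
            // returns false when the token's subject matches no user.
            if (! $this->jwt->setRequest($request)->parseToken()->authenticate()) {
                return $this->deny('user_not_found');
            }
        } catch (TokenExpiredException $e) {
            return $this->deny('token_expired');
        } catch (TokenInvalidException $e) {
            return $this->deny('token_invalid');
        } catch (JWTException $e) {
            // Base class last: covers a missing or unparseable token.
            return $this->deny('token_absent');
        }

        return $next($request);
    }

    // Fixed error codes only: the exception message is never echoed to the client.
    private function deny(string $error): JsonResponse
    {
        return new JsonResponse(['error' => $error, 'code' => 401], 401, ['WWW-Authenticate' => 'Bearer']);
    }
}
```

Register it under a route-middleware key with `$app->routeMiddleware([...])` in bootstrap/app.php, the same way the stock Authenticate middleware is registered.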