jwt-auth icon indicating copy to clipboard operation
jwt-auth copied to clipboard

Published 20 hours ago verified publisher icon tymondesigns

Broadcast Auth route doesn't work with 'jwt.auth' middleware

Open shah-newaz opened this issue 6 years ago • 4 comments

Subject of the issue

I'm trying to implement a chat server using Laravel Echo, Redis, Websocket, Vue JS and tymon/jwt-auth. I need my broadcast auth route to be authenticated by jwt.

When I make a post request with 'Bearer my_token' to '/broadcasting/auth' it throws AccessDeniedHttpException . I've set up my BroadcastServiceProvider like so:

Broadcast::routes(['middleware' => [ 'api' ,'jwt.auth' ]]);

The issue is thrown on Tymon\JWTAuth\Middleware\Authenticate @handle The error message is not helpful at all. Fairly straight forward to reproduce as I could do it on a fresh laravel installation as well.

Could it be, after successful authentication the package is not returning an expected type of response that is expected by the Broadcaster::authenticate method?

Since the error is invoked like this:

            $parameters = $this->extractAuthParameters($pattern, $channel, $callback);
 
            $handler = $this->normalizeChannelHandlerToCallable($callback);
 
            if ($result = $handler($request->user(), ...$parameters)) {
                return $this->validAuthenticationResponse($request, $result);
            }
        }
 
        throw new AccessDeniedHttpException;

That's the Broadcaster::authenticate method that's handling the final response. Maybe $request->user() is not accessible by it?

I don't even know if this is a Laravel shortcoming, package issue. Please suggest...

Your environment

Q A
Bug? yes
New Feature? no
Framework Laravel
Framework version 5.6.x
Package version 1.0.0-rc.2
PHP version 7.2

Steps to reproduce

  1. On a fresh Laravel installation, configure Tymon/JWTAuth and then enable Broadcast service provider.
  2. Configure Broadcast service providers Broadcast::routes() with attributes to use jwt.auth middleware like this: Broadcast::routes(['middleware' => [ 'api' ,'jwt.auth' ]]);
  3. Make a POST request with a valid bearer token to /broadcasting/auth endpoint

Expected behaviour

User authenticates successfully.

Actual behaviour

Laravel throws AccessDeniedHttpException

shah-newaz avatar May 28 '18 18:05 shah-newaz

@shah-newaz I've got the same issue. Did you find any solutions?

gileneusz avatar Jun 27 '18 23:06 gileneusz

Hi, one workaround is to create your broadcast routes manually and not use the in built ones. Thanks

tintinboss avatar Jun 28 '18 08:06 tintinboss

I found a solution, update your jwt-auth package into 1.0.0-rc.2, apply the docs then modify the BroadcastServiceProvider into Broadcast::routes(['middleware' => ['auth:api']]);

einnar82 avatar Oct 04 '18 14:10 einnar82

I found a solution, update your jwt-auth package into 1.0.0-rc.2, apply the docs then modify the BroadcastServiceProvider into Broadcast::routes(['middleware' => ['auth:api']]);

this return 404 in console developer.. any suggest?

boyet007 avatar Sep 02 '21 05:09 boyet007