hassanz93

Can't login again with the same user after token expires the first time

So I am having this problem: whenever I log in with a user account, after the token session expires in an hour and I try to log in again with the same user, I can't seem to do that and it won't give me a token. I don't really know why this is happening. This is what my code looks like. I tried searching online and asked ChatGPT but couldn't find where the problem is.

The Auth::attempt($credentials) is always returning false and I can't log in again with the same user info that I logged in with before.

Controller

    public function __construct()
    {
        $this->middleware('auth:api', ['except' => ['login', 'register']]);
    }

    public function login(Request $request)
    {
        $request->validate([
            'phoneNumber' => 'required|string',
            'password' => 'required|string',
        ]);

        $credentials = $request->only('phoneNumber', 'password');

        if (!Auth::attempt($credentials)) {
            return response()->json([
                'status' => false,
                'message' => 'Invalid phone number or password',
            ], 401);
        }

        $user = Auth::user();

        $token = $user->createToken('Personal Access Token')->accessToken;
        $expirationDate = Carbon::now()->addHours(1)->toIso8601String();

        return response()->json([
            'status' => true,
            'message' => 'Login Successfully',
            'data' => json_encode([
                'user' => $user,
                'authorisation' => [
                    'token' => $token,
                    'expirationDate' => $expirationDate,
                    'type' => 'bearer',
                    'expires_in' => auth()->factory()->getTTL() * 60
                ]
            ])
        ]);
    }

    public function register(Request $request)
    {
        $request->validate([
            'mainResellerId' => 'required|integer',
            'name' => 'required|string|max:255',
            'email' => 'sometimes|required|email|max:155|unique:users',
            'phoneNumber' => 'required|string|size:8|unique:users',
            'password' => 'required|string|min:6',
            // Values of the in rule are matched literally, so no spaces after the commas.
            'role' => 'in:resellerB,manager,resellerA,SuperAdmin',
            'verified' => 'boolean',
            'lbpBalance' => 'integer',
            'usdBalance' => 'integer',
            'limitPurchaseLbp' => 'integer',
            'limitPurchaseUsd' => 'integer'
        ]);

        $user = User::create([
            'mainResellerId' => $request->mainResellerId,
            'name' => $request->name,
            'email' => $request->email ?? '',
            'phoneNumber' => $request->phoneNumber,
            'password' => Hash::make($request->password),
            'role' => $request->role ?? 'resellerB',
            'verified' => $request->verified ?? 0,
            'lbpBalance' => $request->lbpBalance ?? 0,
            'usdBalance' => $request->usdBalance ?? 0,
            'limitPurchaseLbp' => $request->limitPurchaseLbp ?? 0,
            'limitPurchaseUsd' => $request->limitPurchaseUsd ?? 0,
        ]);

        $token = Auth::login($user);

        return response()->json([
            'status' => true,
            'message' => 'User Created',
            'data' => json_encode([
                'user' => $user,
                'authorisation' => [
                    'token' => $token,
                    'type' => 'bearer',
                ]
            ])
        ]);
    }

    public function logout()
    {
        Auth::logout();

        return response()->json([
            'status' => true,
            'message' => 'Signed Out Successfully',
        ]);
    }

0 likes
4 replies
Snapey

Perhaps your user is still logged in?

You send an expirationDate of +1 hour, but what actually invalidates the token?

2 likes
hassanz93

@Snapey Sorry, I don't fully understand what you mean. I am still trying to find my way using Laravel. Can you elaborate more?

Snapey

@hassanz93 If you are just finding your way, start with the out-of-the-box authentication rather than coming up with your own solution.

You are issuing a token and somehow that token expires? I'm asking how you evaluate if the token has expired?
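
The question raised in the replies is where token expiry is actually enforced. The following is an added example, not part of the thread and not Laravel, Passport or JWT-package code: a plain-PHP HMAC-signed token whose expiry lives in a signed `exp` claim that the server checks on every request, with the date reported to the client derived from that same claim. The function names, the secret, the user id and the one-hour TTL are assumptions made for illustration.

```php
<?php
// Added illustration in plain PHP (no framework); every name here is hypothetical.

const TOKEN_TTL_SECONDS = 3600; // assumed one-hour lifetime

function b64url(string $raw): string
{
    return rtrim(strtr(base64_encode($raw), '+/', '-_'), '=');
}

function issueToken(int $userId, string $secret, int $now): array
{
    $claims  = ['sub' => $userId, 'iat' => $now, 'exp' => $now + TOKEN_TTL_SECONDS];
    $payload = b64url(json_encode($claims));
    $sig     = b64url(hash_hmac('sha256', $payload, $secret, true));
    return [
        'token' => $payload . '.' . $sig,
        // Reported to the client from the signed claim, not computed separately.
        'expirationDate' => gmdate('c', $claims['exp']),
    ];
}

/** Returns the claims, or null when the token is malformed, forged or expired. */
function verifyToken(string $token, string $secret, int $now): ?array
{
    $parts = explode('.', $token);
    if (count($parts) !== 2) {
        return null;
    }
    [$payload, $sig] = $parts;
    $expected = b64url(hash_hmac('sha256', $payload, $secret, true));
    if (!hash_equals($expected, $sig)) { // constant-time comparison
        return null;
    }
    $claims = json_decode(base64_decode(strtr($payload, '-_', '+/')), true);
    if (!is_array($claims) || !is_int($claims['exp'] ?? null) || $now >= $claims['exp']) {
        return null; // expiry is enforced here, on every request
    }
    return $claims;
}

// Constructed sample run with a fixed clock value.
$secret = 'constructed-demo-secret';
$issued = issueToken(42, $secret, 1700000000);
var_dump(verifyToken($issued['token'], $secret, 1700000000 + 60) !== null);   // inside the TTL
var_dump(verifyToken($issued['token'], $secret, 1700000000 + 3600) !== null); // at the exp boundary
var_dump(verifyToken($issued['token'] . 'x', $secret, 1700000060) !== null);  // altered signature
```

A date sent in the login response only informs the client; whether an old token stops working depends on a check like the one in `verifyToken`, performed by whichever guard validates the bearer token.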
