luoshiben
3 years ago

[L5] Dingo + JWT unable to authenticate with invalid token

Posted 3 years ago by luoshiben

Hey All,

I'm using Dingo/API for the first time and have configured Tymon/JWT-auth as the auth provider. However, I can't seem to get a token validated. When I pass through a valid token I get the error, "Unable to authenticate with invalid token." Here's a bit of my setup and config for reference.

// config/api.php
...
  'auth' => [
        'jwt' => 'Dingo\Api\Auth\Provider\JWT'
    ],
...
// config/jwt.php
...
'user' => 'MyApp\Users\User', //this is set to my actual User model
...
'providers' => [
        'user' => 'Tymon\JWTAuth\Providers\User\EloquentUserAdapter',
        'jwt' => 'Tymon\JWTAuth\Providers\JWT\NamshiAdapter',
        'auth' => function ($app) {
            return new Tymon\JWTAuth\Providers\Auth\IlluminateAuthAdapter($app['auth']);
        },
    ...
]
...
// config/app.php
...
'providers' => [
    ...
        Dingo\Api\Provider\LaravelServiceProvider::class,
        Tymon\JWTAuth\Providers\JWTAuthServiceProvider::class,
    ...
]
...
// JWTAuth facade is listed in aliases also

I create tokens in an authentication controller with JWTAuth::fromUser($user);. If I decode this token at jwt.io, for example, everything looks good, the user's ID is in the 'sub' field, and the signature is verified. I can even run \JWTAuth::toUser($token); right in a route closuer (with no middleware applied) and the User object is returned successfully. However, if I apply the api.auth middleware to the route I just get the "unable to authenticate" error.

If it matters, I'm testing my endpoint using Postman. The method is set to GET (as required by my route), and in the Headers section I have the key "Authorization" and value of "Bearer {token}". I believe that these settings are correct because if I remove "Bearer" I get an "invalid authorization header", and if I use a bad token I get "Could not decode token."

I'm probably missing something simple here, but haven't yet been able to figure out what it is. Any assistance would be much appreciated. Thanks in advance!

Please sign in or create an account to participate in this conversation.