2

I'm currently implementing JWT in my project to support an API of sorts. This API is only available for a specific model. This model works correctly using the custom guard I've declared when I want to log it in, I've ensured the contracts and authenticatable traits have been properly applied, yet the ->byId method always fails. Here's my code:

namespace App;

class Customer extends Model implements Authenticatable {

    use \Illuminate\Auth\Authenticatable;

In my jwt.php file, I've told it to use my custom model:

'user' => \App\Customer::class,

When I execute:

JWTAuth::fromUser($customer);

I receive a proper token.

I then use Postman to check this by passing it with the Authorization: Bearer <token> header. The token is correctly set.

For subsequent requests to my protected route, I then attempt to authenticate the user in this way:

$token = JWTAuth::parseToken()->authenticate();

->authenticate() always fails.

The reason it fails is due to this:

 if (! $this->auth->byId($id)) {
        return false;
 }

This always returns false.

However, resolving the id from the $id = $this->getPayload($token)->get('sub'); call does provide me with the valid ID for this particular Customer. Further, the model is actually a traditional model, where the PK is the id column, and my identifier is set correctly:

'identifier' => 'id',

Why is the EloquentUserAdapter not able to resolve an instance of my Customer?

I've scoured Google and have attempted a variety of fixes, but nothing has come to fruition. Any help would be greatly appreciated.

Update

I've dumped the SQL query that was executed, and the table it attempts to reference is my default User model, it is not my custom model. Why is that?

Update 2 The tymon.jwt.provider.user singleton bound to the UserInterface correctly references my custom model:

return $app['tymon.jwt.provider.user'];

Provides:

EloquentUserAdapter {#849
    #user: Customer {#850
    #primaryKey: "id"
    #table: "customers"

Update 3

In booting the JWT User provider, it knows which model I want to use:

$model = $app->make($this->config('user'));

Yields:

Customer {#1040
    #primaryKey: "id"
    #table: "customers"
Improve this question
2
  • try to clear config cache artisan config:clear Commented Jul 18, 2017 at 9:06
  • @michail1982 I did try that, nothing. Commented Jul 18, 2017 at 9:06

1 Answer 1

Reset to default
1

I've managed to find the problem.

Under the hood, JWT will use your model to generate a token. However, it does not pass that model to illuminate's Auth Manager, which it will use when attempting to verify the model.

For this purpose, I needed to create my own AuthAdapter and Model (Customer) Adapter:

The AuthAdapter should extend JWT's AuthInterface

use Tymon\JWTAuth\Providers\Auth\AuthInterface;

class CustomerAuthAdapter extends AuthInterface {

Of course it must implement all of the same methods that the AuthInterface does.

Within the byCredentials and byId method of this function, you should log your user into the application. This will ensure that later when JWT want to parse the token and call ->authenticate(), that your user will be available as Auth::guard('customer')->user(). For your purposes, you may not care about the custom guard and can just use Auth::user() (or auth()->user()).

You will also need to provide your own EloquentAdapter, which extends the JWT UserInterface:

use Tymon\JWTAuth\Providers\User\UserInterface;

class EloquentCustomerAdapter implements UserInterface

In this file, it's imperative to inject your Customer model (for my example) dependency into the constructor:

 public function __construct(Customer $user)

Then update your jwt.php file in /config

'user' => '\Path\To\My\EloquentAdapter'

'auth => '\Path\To\My\AuthAdapter'

Then you'll be able to authenticate your token byId or byCredentials against your Customer model (or whatever custom model you wish to use)

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.