In laravel jwt verify token always return XHR status:200 in testand in postman is working perfectly
0
Api.php middleware jwt verify token
Route::group(['middleware' => ['jwt.verify']], function() {
Route::get('getAuthenticatedUser', 'userController@getAuthenticatedUser');
});
It's always return 200 status whether token is valid or not . if we are not added header still it get 200 status.
jwt.auth middleware (its always return 401 whether token is not valid )
Route::group(['middleware' => 'jwt.auth'], function () {
Route::get('getAuthenticatedUser2', 'userController@getAuthenticatedUser')->name('getAuthenticatedUser2');
});
auth:api middleware (its always return 401 whether token is not valid )
Route::group(['middleware' => 'auth:api'], function () {
Route::get('getAuthenticatedUser3', 'userController@getAuthenticatedUser')->name('getAuthenticatedUser3');
});
Authjwt middleware file.
try {
$user = JWTAuth::parseToken()->authenticate();
} catch (Exception $e) {
if ($e instanceof TymonJWTAuthExceptionsTokenInvalidException){
return response()->json(['code'=>404,'message' => 'Token is Invalid'],404);
}else if ($e instanceof TymonJWTAuthExceptionsTokenExpiredException){
return response()->json(['code'=>404,'message' => 'Token is Expired'],404);
}else{
return response()->json(['code'=>404,'status' => 'Authorization Token not found']);
}
}
return $next($request);
}
Apache .htaccess file
# Handle Authorization Header
RewriteCond %{HTTP:Authorization} ^(.*)
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
Even I try different coding still not working.
https://blog.pusher.com/laravel-jwt/
https://github.com/tymondesigns/jwt-auth/wiki/Authentication
https://github.com/tymondesigns/jwt-auth/issues/1632
https://blog.pusher.com/laravel-jwt/
For testing api we used:
https://www.test-cors.org
What's the issue? How I can solve the bug
php laravel cors jwt laravel-5.5
edited Nov 16 '18 at 6:51
Oleg Nurutdinov
360215
asked Nov 16 '18 at 5:57
Kalpesh AmlaniKalpesh Amlani
11
add a comment |
0
Api.php middleware jwt verify token
Route::group(['middleware' => ['jwt.verify']], function() {
Route::get('getAuthenticatedUser', 'userController@getAuthenticatedUser');
});
It's always return 200 status whether token is valid or not . if we are not added header still it get 200 status.
jwt.auth middleware (its always return 401 whether token is not valid )
Route::group(['middleware' => 'jwt.auth'], function () {
Route::get('getAuthenticatedUser2', 'userController@getAuthenticatedUser')->name('getAuthenticatedUser2');
});
auth:api middleware (its always return 401 whether token is not valid )
Route::group(['middleware' => 'auth:api'], function () {
Route::get('getAuthenticatedUser3', 'userController@getAuthenticatedUser')->name('getAuthenticatedUser3');
});
Authjwt middleware file.
try {
$user = JWTAuth::parseToken()->authenticate();
} catch (Exception $e) {
if ($e instanceof TymonJWTAuthExceptionsTokenInvalidException){
return response()->json(['code'=>404,'message' => 'Token is Invalid'],404);
}else if ($e instanceof TymonJWTAuthExceptionsTokenExpiredException){
return response()->json(['code'=>404,'message' => 'Token is Expired'],404);
}else{
return response()->json(['code'=>404,'status' => 'Authorization Token not found']);
}
}
return $next($request);
}
Apache .htaccess file
# Handle Authorization Header
RewriteCond %{HTTP:Authorization} ^(.*)
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
Even I try different coding still not working.
https://blog.pusher.com/laravel-jwt/
https://github.com/tymondesigns/jwt-auth/wiki/Authentication
https://github.com/tymondesigns/jwt-auth/issues/1632
https://blog.pusher.com/laravel-jwt/
For testing api we used:
https://www.test-cors.org
What's the issue? How I can solve the bug
php laravel cors jwt laravel-5.5
edited Nov 16 '18 at 6:51
Oleg Nurutdinov
360215
asked Nov 16 '18 at 5:57
Kalpesh AmlaniKalpesh Amlani
11
Hey mate - what is the actual issue though? Are you not expecting 200, or you are, and are not getting it?
– Chris
Nov 16 '18 at 5:59
Check browser devtools or your server logs to see what request you’re actually getting the 200 OK response for. Is it an OPTIONS request? If the frontend code that makes the request is adding an Authorization header to the request, then that triggers the browser to send a CORS preflight OPTIONS request before trying the actual request from your code. And if your server is configured correctly, it’s expected that it will respond to that OPTIONS request with a 200 OK.
– sideshowbarker
Nov 16 '18 at 6:02
@Chris if the token is not valid the it status should be 404 not 200. we are testing on : test-cors.org
– Kalpesh Amlani
Nov 16 '18 at 6:58
@sideshowbarker we are trying from frontend side also but not work and also jwt.auth and api:auth not working if token is invalid then its pass 404 error
– Kalpesh Amlani
Nov 16 '18 at 7:01
add a comment |
0
0
0
Api.php middleware jwt verify token
Route::group(['middleware' => ['jwt.verify']], function() {
Route::get('getAuthenticatedUser', 'userController@getAuthenticatedUser');
});
It's always return 200 status whether token is valid or not . if we are not added header still it get 200 status.
jwt.auth middleware (its always return 401 whether token is not valid )
Route::group(['middleware' => 'jwt.auth'], function () {
Route::get('getAuthenticatedUser2', 'userController@getAuthenticatedUser')->name('getAuthenticatedUser2');
});
auth:api middleware (its always return 401 whether token is not valid )
Route::group(['middleware' => 'auth:api'], function () {
Route::get('getAuthenticatedUser3', 'userController@getAuthenticatedUser')->name('getAuthenticatedUser3');
});
Authjwt middleware file.
try {
$user = JWTAuth::parseToken()->authenticate();
} catch (Exception $e) {
if ($e instanceof TymonJWTAuthExceptionsTokenInvalidException){
return response()->json(['code'=>404,'message' => 'Token is Invalid'],404);
}else if ($e instanceof TymonJWTAuthExceptionsTokenExpiredException){
return response()->json(['code'=>404,'message' => 'Token is Expired'],404);
}else{
return response()->json(['code'=>404,'status' => 'Authorization Token not found']);
}
}
return $next($request);
}
Apache .htaccess file
# Handle Authorization Header
RewriteCond %{HTTP:Authorization} ^(.*)
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
Even I try different coding still not working.
https://blog.pusher.com/laravel-jwt/
https://github.com/tymondesigns/jwt-auth/wiki/Authentication
https://github.com/tymondesigns/jwt-auth/issues/1632
https://blog.pusher.com/laravel-jwt/
For testing api we used:
https://www.test-cors.org
What's the issue? How I can solve the bug
php laravel cors jwt laravel-5.5
edited Nov 16 '18 at 6:51
Oleg Nurutdinov
360215
asked Nov 16 '18 at 5:57
Kalpesh AmlaniKalpesh Amlani
11
Api.php middleware jwt verify token
Route::group(['middleware' => ['jwt.verify']], function() {
Route::get('getAuthenticatedUser', 'userController@getAuthenticatedUser');
});
It's always return 200 status whether token is valid or not . if we are not added header still it get 200 status.
jwt.auth middleware (its always return 401 whether token is not valid )
Route::group(['middleware' => 'jwt.auth'], function () {
Route::get('getAuthenticatedUser2', 'userController@getAuthenticatedUser')->name('getAuthenticatedUser2');
});
auth:api middleware (its always return 401 whether token is not valid )
Route::group(['middleware' => 'auth:api'], function () {
Route::get('getAuthenticatedUser3', 'userController@getAuthenticatedUser')->name('getAuthenticatedUser3');
});
Authjwt middleware file.
try {
$user = JWTAuth::parseToken()->authenticate();
} catch (Exception $e) {
if ($e instanceof TymonJWTAuthExceptionsTokenInvalidException){
return response()->json(['code'=>404,'message' => 'Token is Invalid'],404);
}else if ($e instanceof TymonJWTAuthExceptionsTokenExpiredException){
return response()->json(['code'=>404,'message' => 'Token is Expired'],404);
}else{
return response()->json(['code'=>404,'status' => 'Authorization Token not found']);
}
}
return $next($request);
}
Apache .htaccess file
# Handle Authorization Header
RewriteCond %{HTTP:Authorization} ^(.*)
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
Even I try different coding still not working.
https://blog.pusher.com/laravel-jwt/
https://github.com/tymondesigns/jwt-auth/wiki/Authentication
https://github.com/tymondesigns/jwt-auth/issues/1632
https://blog.pusher.com/laravel-jwt/
For testing api we used:
https://www.test-cors.org
What's the issue? How I can solve the bug
php laravel cors jwt laravel-5.5
php laravel cors jwt laravel-5.5
edited Nov 16 '18 at 6:51
Oleg Nurutdinov
360215
asked Nov 16 '18 at 5:57
Kalpesh AmlaniKalpesh Amlani
11
edited Nov 16 '18 at 6:51
Oleg Nurutdinov
360215
asked Nov 16 '18 at 5:57
Kalpesh AmlaniKalpesh Amlani
11
edited Nov 16 '18 at 6:51
Oleg Nurutdinov
360215
edited Nov 16 '18 at 6:51
Oleg Nurutdinov
360215
edited Nov 16 '18 at 6:51
Oleg Nurutdinov
360215
360215
asked Nov 16 '18 at 5:57
Kalpesh AmlaniKalpesh Amlani
11
asked Nov 16 '18 at 5:57
Kalpesh AmlaniKalpesh Amlani
11
asked Nov 16 '18 at 5:57
Kalpesh AmlaniKalpesh Amlani
11
11
Hey mate - what is the actual issue though? Are you not expecting 200, or you are, and are not getting it?
– Chris
Nov 16 '18 at 5:59
Check browser devtools or your server logs to see what request you’re actually getting the 200 OK response for. Is it an OPTIONS request? If the frontend code that makes the request is adding an Authorization header to the request, then that triggers the browser to send a CORS preflight OPTIONS request before trying the actual request from your code. And if your server is configured correctly, it’s expected that it will respond to that OPTIONS request with a 200 OK.
– sideshowbarker
Nov 16 '18 at 6:02
@Chris if the token is not valid the it status should be 404 not 200. we are testing on : test-cors.org
– Kalpesh Amlani
Nov 16 '18 at 6:58
@sideshowbarker we are trying from frontend side also but not work and also jwt.auth and api:auth not working if token is invalid then its pass 404 error
– Kalpesh Amlani
Nov 16 '18 at 7:01
add a comment |
Hey mate - what is the actual issue though? Are you not expecting 200, or you are, and are not getting it?
– Chris
Nov 16 '18 at 5:59
Check browser devtools or your server logs to see what request you’re actually getting the 200 OK response for. Is it an OPTIONS request? If the frontend code that makes the request is adding an Authorization header to the request, then that triggers the browser to send a CORS preflight OPTIONS request before trying the actual request from your code. And if your server is configured correctly, it’s expected that it will respond to that OPTIONS request with a 200 OK.
– sideshowbarker
Nov 16 '18 at 6:02
@Chris if the token is not valid the it status should be 404 not 200. we are testing on : test-cors.org
– Kalpesh Amlani
Nov 16 '18 at 6:58
@sideshowbarker we are trying from frontend side also but not work and also jwt.auth and api:auth not working if token is invalid then its pass 404 error
– Kalpesh Amlani
Nov 16 '18 at 7:01
Hey mate - what is the actual issue though? Are you not expecting 200, or you are, and are not getting it?
– Chris
Nov 16 '18 at 5:59
Hey mate - what is the actual issue though? Are you not expecting 200, or you are, and are not getting it?
– Chris
Nov 16 '18 at 5:59
Check browser devtools or your server logs to see what request you’re actually getting the 200 OK response for. Is it an OPTIONS request? If the frontend code that makes the request is adding an Authorization header to the request, then that triggers the browser to send a CORS preflight OPTIONS request before trying the actual request from your code. And if your server is configured correctly, it’s expected that it will respond to that OPTIONS request with a 200 OK.
– sideshowbarker
Nov 16 '18 at 6:02
Check browser devtools or your server logs to see what request you’re actually getting the 200 OK response for. Is it an OPTIONS request? If the frontend code that makes the request is adding an Authorization header to the request, then that triggers the browser to send a CORS preflight OPTIONS request before trying the actual request from your code. And if your server is configured correctly, it’s expected that it will respond to that OPTIONS request with a 200 OK.
– sideshowbarker
Nov 16 '18 at 6:02
@Chris if the token is not valid the it status should be 404 not 200. we are testing on : test-cors.org
– Kalpesh Amlani
Nov 16 '18 at 6:58
@Chris if the token is not valid the it status should be 404 not 200. we are testing on : test-cors.org
– Kalpesh Amlani
Nov 16 '18 at 6:58
@sideshowbarker we are trying from frontend side also but not work and also jwt.auth and api:auth not working if token is invalid then its pass 404 error
– Kalpesh Amlani
Nov 16 '18 at 7:01
@sideshowbarker we are trying from frontend side also but not work and also jwt.auth and api:auth not working if token is invalid then its pass 404 error
– Kalpesh Amlani
Nov 16 '18 at 7:01
add a comment |
0
active
oldest
votes
Your Answer
StackExchange.ifUsing("editor", function () {
StackExchange.using("externalEditor", function () {
StackExchange.using("snippets", function () {
StackExchange.snippets.init();
});
});
}, "code-snippets");
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "1"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
draft saved
draft discarded
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53332220%2fin-laravel-jwt-verify-token-always-return-xhr-status200-in-testand-in-postman-i%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
0
active
oldest
votes
0
active
oldest
votes
active
oldest
votes
active
oldest
votes
draft saved
draft discarded
Thanks for contributing an answer to Stack Overflow!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
draft saved
draft discarded
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53332220%2fin-laravel-jwt-verify-token-always-return-xhr-status200-in-testand-in-postman-i%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Hey mate - what is the actual issue though? Are you not expecting 200, or you are, and are not getting it?
– Chris
Nov 16 '18 at 5:59
Check browser devtools or your server logs to see what request you’re actually getting the 200 OK response for. Is it an OPTIONS request? If the frontend code that makes the request is adding an Authorization header to the request, then that triggers the browser to send a CORS preflight OPTIONS request before trying the actual request from your code. And if your server is configured correctly, it’s expected that it will respond to that OPTIONS request with a 200 OK.
– sideshowbarker
Nov 16 '18 at 6:02
@Chris if the token is not valid the it status should be 404 not 200. we are testing on : test-cors.org
– Kalpesh Amlani
Nov 16 '18 at 6:58
@sideshowbarker we are trying from frontend side also but not work and also jwt.auth and api:auth not working if token is invalid then its pass 404 error
– Kalpesh Amlani
Nov 16 '18 at 7:01