Search code examples
laravellaravel-5.4laravel-passport

How to retrieve Laravel Passport access token expiration duration or datetime?

I'm using Laravel 5.4 and Passport 4. I want to use only First-Party-App only. So as suggested from this answer, I want to stay away from putting the ClientID and ClientSecret in the App. I have put in boot() method of AuthServiceProvider :

Passport::routes();
Passport::tokensExpireIn(Carbon::now()->addDays(30));
Passport::refreshTokensExpireIn(Carbon::now()->addDays(60));

I added my own route in api.php to accept login from App :

Route::post('login', 'Auth\LoginController@apiLogin');

This is my Action :

public function apiLogin(Request $request)
{
    $credentials = $request->only('email', 'password');

    if (Auth::attempt($credentials)) {
        // Authentication passed...
        $user = Auth::user();
        $token = $user->createToken('API Access')->accessToken;

        return response()->json(["token_type" =>"Bearer","expires_in" => 2592000,"access_token" => $token]);
    }

    return response()->json(["error" => "invalid_credentials", "message" => "The user credentials were incorrect."], 401);
}

Is there any method to retrieve the number of seconds for expires_in (30 days => 2592000s), or the datetime so I could make the calculation automatically?

Solution

  • Here is how I managed to get it from the object:

    As Tim Lewis pointed me in the comments, there is a $token property, $user->createToken('API Access') is a Laravel\Passport\PersonalAccessTokenResult object that contains 2 public properties : $accessToken (String) and $token (Laravel\Passport\Token). So I get the token with $objToken = $user->createToken('API Access'); and calculate expiration time in seconds with $expiration = $objToken->token->expires_at->diffInSeconds(Carbon::now());. Here is the final code :

    public function apiLogin(Request $request)
{
    $credentials = $request->only('email', 'password');

    if (Auth::attempt($credentials)) {
        // Authentication passed...

        Passport::tokensExpireIn(Carbon::now()->addDays(30));
        Passport::refreshTokensExpireIn(Carbon::now()->addDays(60));

        $user = Auth::user();
        $objToken = $user->createToken('API Access');
        $strToken = $objToken->accessToken;

        $expiration = $objToken->token->expires_at->diffInSeconds(Carbon::now());

        return response()->json(["token_type" => "Bearer", "expires_in" => $expiration, "access_token" => $strToken]);
    }

    return response()->json(["error" => "invalid_credentials", "message" => "The user credentials were incorrect."], 401);
}

    But be careful if using these 2 lines in AuthServiceProvider boot() :

    Passport::tokensExpireIn(Carbon::now()->addDays(30));
Passport::refreshTokensExpireIn(Carbon::now()->addDays(60));

    as it won't replace the expiration with Personal Access Token in Password Grant Type of Laravel 5.4 according to this Laravel Passport Issue.