Search code examples
phplaravelauthenticationjwtmiddleware

laravel Jwt.auth not validating the access_token in live server but working perfectly in localhost

I have use jwt.auth in Laravel Auth for API, token successfully generated by login but the bearer token not validated for other jwt.auth middleware.

API Route

Route::group(['middleware' => ['api'], 'namespace' => 'Api'], function(){
     Route::group(['prefix' => 'user','middleware' => ['assign.guard:user']],function ()
    {
        Route::post('register', [App\Http\Controllers\UserController::class, 'register']);
        Route::post('login', [App\Http\Controllers\UserController::class, 'login']);
        Route::post('/logout', [App\Http\Controllers\UserController::class, 'logout'])->middleware('jwt.auth');
        Route::post('/refresh', [App\Http\Controllers\UserController::class, 'refresh'])->middleware('jwt.auth');
        Route::get('/user-profile', [App\Http\Controllers\UserController::class, 'userProfile'])->middleware('jwt.auth');

        Route::post( 'send-inquiry', [App\Http\Controllers\API\InquiryController::class, 'store'])->middleware('jwt.auth');

    });

});

config/app.php

'providers' => [
        Tymon\JWTAuth\Providers\LaravelServiceProvider::class,
],

'aliases' => [
       'JWTAuth' => Tymon\JWTAuth\Facades\JWTAuth::class,
        'JWTFactory' => Tymon\JWTAuth\Facades\JWTFactory::class,
],

config/auth.php

'guards' => [
        'web' => [
            'driver' => 'session',
            'provider' => 'users',
        ],

        'api' => [
            'driver' => 'jwt',
            'provider' => 'vendors',
        ],

        'vendor' => [
            'driver' => 'jwt',
            'provider' => 'vendors',
        ],

        'user' => [
            'driver' => 'jwt',
            'provider' => 'users',
        ],

        'admin' => [
            'driver' => 'session',
            'provider' => 'admins',
        ],
    ],

Middleware File : app/Http/Middleware/AssignGuard.php

<?php

namespace App\Http\Middleware;

use Closure;
use Illuminate\Http\Request;

class AssignGuard
{
    public function handle($request, Closure $next, $guard = null)
    {
        if($guard != null)
            auth()->shouldUse($guard);
        return $next($request);
    }
}

Please help.

Thanks in Advance..

Solution

  • You need to send authorization token in the header. You might need to modify your Apache settings to allow for authorization headers to be sent.

    Authorization: Bearer {yourtokenhere}

    You can modify your .htaccess file with:

    RewriteCond %{HTTP:Authorization} ^(.*)

    RewriteRule .* - [e=HTTP_AUTHORIZATION:%1]