I've implemented jwt-auth v1.0.0-rc2 into my Laravel 5.6 application and all seems to be working fine so far except for the ability to logout when the token has expired.
When I call the logout method from my AngularJS application, it calls: JWTAuth::invalidate( $request->input( 'token' ) );
from my Laravel application (AuthController) to invalidate the token, however, it always returns a 401 Unauthorized
back.
I can confirm that I have blacklist_enabled
set to true to blacklist invalidated tokens. I can logout normally when I have a valid token, but not once it has expired. My AngularJS application handles 401 errors normally (through an auth interceptor) and redirects back to a login page, but upon logout, I rely on the confirmation back from the server.
I am using the default jwt-auth middleware classes like so:
'jwt.auth' => \Tymon\JWTAuth\Middleware\Authenticate::class,
And my logout route:
Route::group(['prefix' => 'v1', 'middleware' => 'jwt.auth'], function () {
Route::post('logout', 'AuthController@logout');
});
I am sending my token as an authorization header within the logout POST request.
I don't seem to be able to find anything on this issue. I am not sure what I am missing, but maybe I have something setup incorrectly?
via Chebli Mohamed
Aucun commentaire:
Enregistrer un commentaire