dimanche 29 septembre 2019

JWT Token Signature could not be verified error with external API login

In Laravel 5.8 / vuejs / vuex / mysql app I use jwt-auth and when I login into the system (standart auth with mysql users table) I use method :

export function setAuthorizationToken(token) {
    axios.defaults.headers.common["Authorization"] = `Bearer ${token}`
}

and it worked ok.

Next I remade SignUp/SignIn to use external API for SignUp/SignIn operations. So my app needs to make SignUp/SignIn with external API , but also I have requests for controls of my app to read/write data from/to mysql.

I remade SignIn request to external API with php curl in control action when user clicks SignIn button, like :

    public function login(Request $request)
    {
        $credentials = $request->only('email', 'password');

   // I run login method
            $ch = curl_init();
            curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);

            curl_setopt($ch, CURLOPT_URL, $this->admindashApi . '/api/login');
            curl_setopt($ch, CURLOPT_POST, 1);
            curl_setopt($ch, CURLOPT_HTTPHEADER, array("Content-Type: application/json; charset=utf-8"));

            $userLoginData = [
                'email'    => $credentials['email'],
                'password' => $credentials['password'],
            ];
            curl_setopt($ch, CURLOPT_POSTFIELDS, json_encode($userLoginData));

            $resp = curl_exec($ch);

            $respArray = json_decode($resp);
            if ( isset($respArray->success) and empty($respArray->success)) { // login fails - return error in responce
                $err = curl_error($ch);
                curl_close($ch);

                $errorsArray     = [$respArray->data];
                $errors_message  = $respArray->data;

                return response()->json([
                    'error_code' => 1,
                    'message'    => $errors_message,
                    'errors'     => $errorsArray,
                    'rows_total' => 0,
                ], HTTP_RESPONSE_BAD_REQUEST /*HTTP_RESPONSE_INTERNAL_SERVER_ERROR*/);

            } //if ( isset($respArray->success) and empty($respArray->success)) { // login fail

            $logged_user_token = $respArray->data->token;
            // if login was successfull I keep token





             // I need to get details of the logged user
            $loggedUser= null;

            $ch = curl_init();
            curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);

            curl_setopt($ch, CURLOPT_URL, $this->admindashApi . '/api/user');

            curl_setopt($ch, CURLOPT_HTTPHEADER, [
                "Content-Type: application/json; charset=utf-8",
                "Authorization: Bearer ".$logged_user_token
            ]);


            $resp = curl_exec($ch);

            $respArray = json_decode($resp);
            if ( isset($respArray->success) and empty($respArray->success)) { // details read fails - return error in responce
                $err = curl_error($ch);
                curl_close($ch);

                $errorsArray     = [$respArray->data];
                $errors_message  = $respArray->data;

                return response()->json([
                    'error_code' => 1,
                    'message'    => $errors_message,
                    'errors'     => $errorsArray,
                    'rows_total' => 0,
                ], HTTP_RESPONSE_BAD_REQUEST );

            } //if ( isset($respArray->success) and empty($respArray->success)) {
            $loggedUser= $respArray->data->customer_details;

//            $this->respondWithToken($logged_user_token);

            return response()->json(['error_code' => 0, 'message' => '', "token" => $logged_user_token, 'user'=> $loggedUser ], HTTP_RESPONSE_OK );
            // if user details read was successfull I return logged user

        }   // if( !empty($this->useAdmindashApi) and !empty($this->admindashApi)) {

But the problem is when I read data from my mysql db with app controls, I got

Token Signature could not be verified

in console. I suppose that jwt-auth knows nothing about token I read from external API in $logged_user_token var. Is there is a way to write value from $logged_user_token to jwt-auth token in my control above ?

"laravel/framework": "5.8.*",
"tymon/jwt-auth": "^1.0.0",


"vue": "^2.5.17",
"axios": "^0.18",
"vuex": "^3.1.0"

Thanks!



via Chebli Mohamed

Aucun commentaire:

Enregistrer un commentaire