JWT Auth API

JSON Web Token Authentication for your OctoberCMS API integrated with RainLab.User

Back to JWT Auth API Support

netsmertia
netsmertia

I have admin users of different roles and decided to go with backend users so I don't need to create same form/list twice.

Is it possible to use this plugin with backend User along with Frontend User

vdomah
vdomah

Hello! Great question! I haven't tried to use Backend User, but it seems to be possible. You need to define in your .env of the project's root the following variable: https://github.com/vdomah/oc-jwtauth/blob/master/config/auth.php#L62

Set it to Backend User model. Give a feedback please if you have an luck or other questions! Art

netsmertia
netsmertia

Thank you, It is working without any issue if I set the user to backend user "\Backend\Models\User".

I need to provide the jwt support for both frontend and backend.

netsmertia
netsmertia

So far I am able to configure to authenticate the user for both (backend & frontend) by changing the default guard at runtime in login method. I planned to handle this by providing a parameter in request.

Now need to figure out how to pickup correct guard in middleware "GetUserFromToken". Currently It get the default guard form auth config.

   'guards' => [
        'web' => [..],
        'backend' => [
            'driver' => env('AUTH_GUARDS_WEB_DRIVER', 'session'),
            'provider' => env('AUTH_GUARDS_WEB_PROVIDER', 'backend-users'),
        ],
        'api' => [
            'driver' => env('AUTH_GUARDS_API_DRIVER', 'token'),
            'provider' => env('AUTH_GUARDS_API_PROVIDER', 'users'),
        ],
    ],
    'providers' => [
        'users' => [
            'driver' => env('AUTH_PROVIDERS_USERS_DRIVER', 'eloquent'),
            'model' => env('AUTH_PROVIDERS_USERS_MODEL', '\RainLab\User\Models\User'),
        ],
        'backend-users' => [
            'driver' => env('AUTH_PROVIDERS_USERS_DRIVER', 'eloquent'),
            'model' => '\Backend\Models\User',
        ],
    ],

In routes.php (login)

            // verify the credentials and create a token for the user
            // Config::set('auth.defaults.guard', 'backend');
            $app = app();
            if (! $token = JWTAuth::attempt($credentials)) {
                return response()->json(['error' => 'invalid_credentials'], 401);
            }

Any better way to handle default guard on route basis.

netsmertia
netsmertia

Finally I am able to authenticate the user for login and api routes. I have created two middleware and configured the default guard accordingly. Middleware for backend routes.

<?php
namespace Nets\Estate\Middleware;

use Tymon\JWTAuth\Exceptions\JWTException;
use Tymon\JWTAuth\Exceptions\TokenExpiredException;
use Tymon\JWTAuth\Middleware\GetUserFromToken;

class GetBackendUserFromToken extends GetUserFromToken
{
    public function handle($request, \Closure $next)
    {
        \Config::set('auth.defaults.guard', 'backend');
        return parent::handle($request, $next);
    }
}

If there is a better way, please suggest.

Last updated

1-5 of 5