CODEWITHSUNDEEP
laraveljwtlumen
bitcodr
bitcodr

Reputation: 1454

Set expire time in lumen jwt token

I create an authentication api with jwt and Lumen.

I use tymondesigns/jwt-auth package in my Lumen project for authentication. In project when users logon I want to expire user token after 1 month.

Now how can i fix it?

Upvotes: 5

Views: 13624

Answers (5)

Kamlesh
Kamlesh

Reputation: 6135

I am using Lumen 8.0 version. I have just added below line in .env file for 24 hours and restarted project in command line and it worked like charm:

JWT_TTL=1440

NOTE: Please do not forget to restart project in command line. Happy to help and share this code. Thanks for asking this question.

Upvotes: 2

Saddan
Saddan

Reputation: 1655

I'm using Lumen (5.8.12) what I really did is set the value in .env file like thisenter image description here

Just add the value of JWT_TTL in your .env file.The default time is 60 minutes here my value represent 1440(60*24) minute or 1 day

Upvotes: 2

Fisherman
Fisherman

Reputation: 6121

On latest(varsion >1.0.0) lumen JWT_TTL in .env will work as they use 'ttl' => env('JWT_TTL', 60), in their internel code.
Ref: https://github.com/tymondesigns/jwt-auth/blob/develop/config/config.php

Upvotes: 2

Tiago Gouvêa
Tiago Gouvêa

Reputation: 16740

In fact, to me, it just work when I changed the exp parameter at JWT::encode.

On my code, after use login I sent some response. Follow all my code. The exp are on third method.

/**
 * Authenticate a user and return the token if the provided credentials are correct.
 *
 * @param Request $request
 * @return mixed
 * @internal param Model $user
 */
public function authenticate(Request $request)
{
    $this->validate($this->request, [
        'email' => 'required|email',
        'password' => 'required'
    ]);
    // Find the user by email
    $user = User::where('email', $this->request->input('email'))->first();
    if (!$user) {
        return $this->responseError('USER_DOES_NOT_EXISTS', 404);
    }

    // Verify the password and generate the token
    if (Hash::check($this->request->input('password'), $user->password)) {
        return $this->responseUserData($user);
    }

    // Bad Request response
    return $this->responseError('EMAIL_OR_PASSWORD_WRONG', 403);
}

/**
* Create response json
* @param $user
* @return \Illuminate\Http\JsonResponse
*/
private function responseUserData($user)
{
    return response()->json([
        'token' => $this->jwt($user),
        'user' => $user->getUserData()
    ], 200);
}

/**
 * Create a new token.
 *
 * @param  \App\User $user
 * @return string
 */
protected function jwt(User $user)
{
    $payload = [
        'iss' => "lumen-jwt", // Issuer of the token
        'sub' => $user->id, // Subject of the token
        'iat' => time(), // Time when JWT was issued.
        'exp' => time() + 60 * 60 * 60 * 24 // Expiration time
    ];

    // As you can see we are passing `JWT_SECRET` as the second parameter that will
    // be used to decode the token in the future.
    return JWT::encode($payload, env('JWT_SECRET'));
}

I wish it could help you.

Upvotes: 2

Angad Dubey
Angad Dubey

Reputation: 5452

If you ran:

php artisan vendor:publish

as per the installtion wiki: https://github.com/tymondesigns/jwt-auth/wiki/Installation

Then simple change the ttl setting:

// In config/jwt.php

...

/*
|--------------------------------------------------------------------------
| JWT time to live
|--------------------------------------------------------------------------
|
| Specify the length of time (in minutes) that the token will be valid for.
| Defaults to 1 hour
|
*/

'ttl' => 43800, // valid for 1 month

 ...

Upvotes: 8

Related Questions