CODEWITHSUNDEEP
phplaravellaravel-5jwt
André Bolinhas
André Bolinhas

Reputation: 165

Laravel 5.4 JWT - Token Signature could not be verified

I'm building an api to authenticate my users through my mobile application The login controller return me the correct token.

<?php

namespace App\Api\V1\Controllers;

use Symfony\Component\HttpKernel\Exception\HttpException;
use Tymon\JWTAuth\JWTAuth;
use App\Http\Controllers\Controller;
use App\Api\V1\Requests\LoginRequest;
use Tymon\JWTAuth\Exceptions\JWTException;
use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;

class LoginController extends Controller
{
    public function login(LoginRequest $request, JWTAuth $JWTAuth)
    {
        $credentials = $request->only(['username', 'password']);

        try {
            $token = $JWTAuth->attempt($credentials);

            if(!$token) {
                throw new AccessDeniedHttpException();
            }

        } catch (JWTException $e) {
            throw new HttpException(500);
        }

        return response()
            ->json([
                'status' => 'ok',
                'token' => $token
            ]);
    }
}

Postman result

{
  "token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOjEsImlzcyI6Imh0dHBzOlwvXC9iZXRhZmlsZS5vcmdcL2dpcHNcL3B1YmxpY1wvYXBpXC9hdXRoXC9sb2dpbiIsImlhdCI6MTQ5Mjc4MDI2NiwiZXhwIjoxNDkyNzgzODY2LCJuYmYiOjE0OTI3ODAyNjYsImp0aSI6InZHWkxaNHNqRUlqYW05WTMifQ.g8_-qHsVVvCEj9_BoqDCKJ9QHvm-yqWALsXmxeMK_3c"
}

Now when I tried to get the current user by token I get the signature error User controller

<?php

namespace App\Api\V1\Controllers;

use JWTAuth;
use App\Record;
use App\Http\Requests;
use Illuminate\Http\Request;
use Dingo\Api\Routing\Helpers;
use App\Http\Controllers\Controller;
use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;

class RecordController extends Controller
{
    use Helpers;

    public function store(Request $request) {
        //$record = new Record;
        //return $this->currentUser();
        $currentUser = JWTAuth::parseToken()->authenticate();
        return $currentUser;

    }

    private function currentUser() {
        return JWTAuth::parseToken()->authenticate();
    }
}

Postman result

{
  "error": {
    "message": "Token Signature could not be verified.",
    "status_code": 500
  }
}

I already try by pass the token by url domain.com/api/auth?token=token_key and by header Authorization Bearer token_key

Also I have the jwt secret inside config/jwt.php 'secret' => env('jwt_secret') and inside .env JWT_SECRET=jwt_secret

Any tip to help to solve this issue?

Thanks

Upvotes: 0

Views: 9251

Answers (1)

GrigorAtaryan
GrigorAtaryan

Reputation: 473

Try generate a key:

php artisan jwt:secret

This will update your .env file with something like JWT_SECRET=foobar

Upvotes: 2

Related Questions