Reputation: 5180
I'm using Laravel 5.4 and Passport 4. I want to use a first-party app only. So, as suggested in this answer, I want to stay away from putting the ClientID and ClientSecret in the app. I have put this in the boot() method of AuthServiceProvider:

    Passport::routes();
    Passport::tokensExpireIn(Carbon::now()->addDays(30));
    Passport::refreshTokensExpireIn(Carbon::now()->addDays(60));

I added my own route in api.php to accept login from the app:

    Route::post('login', 'Auth\LoginController@apiLogin');

This is my action:

    public function apiLogin(Request $request)
    {
        $credentials = $request->only('email', 'password');
        if (Auth::attempt($credentials)) {
            // Authentication passed...
            $user = Auth::user();
            $token = $user->createToken('API Access')->accessToken;
            return response()->json(["token_type" => "Bearer", "expires_in" => 2592000, "access_token" => $token]);
        }
        return response()->json(["error" => "invalid_credentials", "message" => "The user credentials were incorrect."], 401);
    }

Is there any method to retrieve the number of seconds for expires_in (30 days => 2592000s), or the datetime so I could make the calculation automatically?
Upvotes: 5
Views: 20540
Reputation: 9

    <?php
    //...
    use Laravel\Passport\Bridge\PersonalAccessGrant;
    use League\OAuth2\Server\AuthorizationServer;
    //...
    class AppServiceProvider extends ServiceProvider
    {
        /**
         * Bootstrap any application services.
         */
        public function boot()
        {
            // http://php.net/manual/zh/dateinterval.construct.php
            // 'P1W' is an ISO 8601 duration: a period of one week.
            $lifetime = new \DateInterval('P1W');
            // Register the personal access grant with this token lifetime.
            $this->app->get(AuthorizationServer::class)
                ->enableGrantType(
                    new PersonalAccessGrant(),
                    $lifetime
                );
        }
        //...
    }
    //...

Upvotes: 0
Reputation: 5180
Here is how I managed to get it from the object:

As Tim Lewis pointed out to me in the comments, there is a $token property. $user->createToken('API Access') is a Laravel\Passport\PersonalAccessTokenResult object that contains 2 public properties: $accessToken (String) and $token (Laravel\Passport\Token). So I get the token with $objToken = $user->createToken('API Access'); and calculate the expiration time in seconds with $expiration = $objToken->token->expires_at->diffInSeconds(Carbon::now());. Here is the final code:

    public function apiLogin(Request $request)
    {
        $credentials = $request->only('email', 'password');
        if (Auth::attempt($credentials)) {
            // Authentication passed...
            Passport::tokensExpireIn(Carbon::now()->addDays(30));
            Passport::refreshTokensExpireIn(Carbon::now()->addDays(60));
            $user = Auth::user();
            $objToken = $user->createToken('API Access');
            $strToken = $objToken->accessToken;
            $expiration = $objToken->token->expires_at->diffInSeconds(Carbon::now());
            return response()->json(["token_type" => "Bearer", "expires_in" => $expiration, "access_token" => $strToken]);
        }
        return response()->json(["error" => "invalid_credentials", "message" => "The user credentials were incorrect."], 401);
    }

But be careful if using these 2 lines in AuthServiceProvider boot():

    Passport::tokensExpireIn(Carbon::now()->addDays(30));
    Passport::refreshTokensExpireIn(Carbon::now()->addDays(60));

as it won't replace the expiration with Personal Access Token in Password Grant Type of Laravel 5.4 according to this Laravel Passport Issue.
Upvotes: 10
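
The calculation from the answer above, written as plain PHP so it runs without Laravel. This is an added example, not code from the original posts or from Passport: the helper names `expiresInSeconds` and `tokenResponse` are hypothetical and the sample values are constructed. It also sets the `Cache-Control: no-store` and `Pragma: no-cache` headers that RFC 6749 section 5.1 requires on token responses.

```php
<?php
declare(strict_types=1);

/**
 * Seconds until $expiresAt, measured from $now (hypothetical helper, not part of Passport).
 * Works on Unix timestamps, so time zones and DST shifts do not skew the result,
 * and clamps at 0 so an already expired token never reports a negative lifetime.
 */
function expiresInSeconds(DateTimeInterface $expiresAt, DateTimeInterface $now): int
{
    return max(0, $expiresAt->getTimestamp() - $now->getTimestamp());
}

/**
 * Build the headers and body of a token response (hypothetical helper).
 * RFC 6749 section 5.1 requires Cache-Control: no-store and Pragma: no-cache
 * on any response that carries a token.
 */
function tokenResponse(string $accessToken, DateTimeInterface $expiresAt, DateTimeInterface $now): array
{
    return [
        'headers' => ['Cache-Control' => 'no-store', 'Pragma' => 'no-cache'],
        'body' => [
            'token_type'   => 'Bearer',
            'expires_in'   => expiresInSeconds($expiresAt, $now),
            'access_token' => $accessToken,
        ],
    ];
}

// Constructed sample values: a fixed "now" and an expires_at 30 days later,
// stored in a different time zone than the server clock.
$now       = new DateTimeImmutable('2017-06-01 12:00:00', new DateTimeZone('UTC'));
$expiresAt = new DateTimeImmutable('2017-07-01 14:00:00', new DateTimeZone('Europe/Paris'));

$response = tokenResponse('constructed-token-value', $expiresAt, $now);
echo json_encode($response['body'], JSON_PRETTY_PRINT), PHP_EOL;

// Pitfall: DateInterval::$s is only the seconds *component* of the difference,
// not the total number of seconds, so it must not be used for expires_in.
echo 'interval->s = ', $now->diff($expiresAt)->s, PHP_EOL;

// An expired token reports 0 rather than a negative number.
echo 'expired = ', expiresInSeconds($now->modify('-1 hour'), $now), PHP_EOL;
```

In a Laravel controller the `$expiresAt` argument would be `$objToken->token->expires_at`, which is a Carbon instance and therefore a `DateTimeInterface`.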