Creating Token with Sanctum in Laravel 9 with no 'expires_at' column

Question

I installed Laravel 9 and Sanctum, made a migration and tried to create token with 'createToken' method from User class which extends from Authenticatable. It's all from Laravel and Sanctum instalation. I used code below.

createToken('secrettoken')->plainTextToken;

And I've got an error message:

"message": "SQLSTATE[42S22]: Column not found: 1054 Unknown column 'expires_at' in 'field list' (SQL: insert into `personal_access_tokens` (`name`, `token`, `abilities`, `expires_at`, `tokenable_id`, `tokenable_type`, `updated_at`, `created_at`) values (secrettoken, 4afa89fe2706656efae648c43c2a451b5b6d10be8b4e4558b6f9097706f814eb, [\"*\"], ?, 14, App\\Models\\User, 2022-08-02 19:30:00, 2022-08-02 19:30:00))

It seems 'createToken' method wants to fullfil an non-existing 'expires_at' column and doesn't have a value. This method has two arguments: name and abilitie (optional).

Did anyone has the same problem as me? Maybe I'm doing some wrong or using this method wrong.

Answer 1

At the time I'm writing this, Laravel 10 comes already with "expires_at" column included on personal_access_tokens migration file.

Setting an expiration time to that column is very easy. "createToken" method is defined in this file: /vendor/laravel/sanctum/src/HastApiTokens.php and receives 3 parameters:

• a name string
• an array with the abilities
• a DateTimeInterface type object with the expiration time

All one has to do to set those parameters when you invoke the createToken method.

An example setting a token to expire after 6 days:

$token = $user->createToken(
    $user->name.'_'.Carbon::now(), // The name of the token
    ['*'],                         // Whatever abilities you want
    Carbon::now()->addDays(6).     // The expiration date
)->plainTextToken;

It could be more explicit on the docs, but when it's not there, nothing better than check how things work under the hood.

Answer 2

You already have the database, hence migrate or add the column "expires_at" with timestamp on the personal_access_tokens table

Answer 3

You should publish the Sanctum configuration and migration files using the below vendor:publish Artisan command. The sanctum configuration file will be placed in your application's config directory.

php artisan vendor:publish --provider="Laravel\Sanctum\SanctumServiceProvider"

Then use "php artisan migrate" to create migration table.

public function up()
{
    Schema::create('personal_access_tokens', function (Blueprint $table) {
        $table->id();
        $table->morphs('tokenable');
        $table->string('name');
        $table->string('token', 64)->unique();
        $table->text('abilities')->nullable();
        $table->timestamp('last_used_at')->nullable();
        $table->timestamp('expires_at')->nullable();
        $table->timestamps();
    });
}

For more information refer https://laravel.com/docs/9.x/sanctum#installation

Answer 4

I had the same issue today, I checked the createToken method located at vendor/laravel/sanctum/src/HasApiTokens.php. Sanctum package has added expires_at column in this method, but didn't add that column to the tokens migration file.

So, I just add the expires_at column to their migration file.

public function up()
{
    Schema::create('personal_access_tokens', function (Blueprint $table) {
        $table->id();
        $table->morphs('tokenable');
        $table->string('name');
        $table->string('token', 64)->unique();
        $table->text('abilities')->nullable();
        // Add here
        $table->timestamp('expires_at')->nullable();
        $table->timestamp('last_used_at')->nullable();
        $table->timestamps();
    });
}

And it worked.