How to create the user about jwt-auth HOT 14 CLOSED

Ok, so the 0.3.* release is utilising laravel's Auth system to check the users credentials and return the user object (which implements Illuminate\Auth\UserInterface). This is just a means to get the authenticated user via some credentials, but annoyingly it does force some things such as remember tokens etc.

Note that the session is never touched since I use the once() method as seen here

So ultimately you would have to implement the UserInterface to get things moving. (the default Laravel User works just fine)

In the new release, I have abstracted that away; in that, you can specify another auth provider that doesn't force such things as remember tokens etc - such as Sentry.

I hope that helps

from jwt-auth.

I see, thank you.

I am just playing with it, will try to implement the interface ignoring the remember token (returning null or something on the methods) and if not, I will create a migration, it is a demo after all.

For a real application I would prefer to have a provider which doesn't force you to create stuff you don't need for JWT.

Laravel is really good but in its core is really really oriented to classic apps and classic auth and I am getting hell of trouble understanding all of this "Auth drivers" and stuff, it is quite easier on other backends where 50 lines of code is enough for auth :P

Sentry seems to be a good option, I heard once someone trying to using this library with sentry.

Ping me (my email is on my profile) when you get some releases (0.4.* and L5 one) and I can surely help you with the documentation (that is what I do after all). Maybe an introductory README + WIKI with more options, different providers, blacklist, claims, I don't know stuff. Then I can write a blog post. I know a few laravel developers and they are also willing to learn JWT properly.

About the issue, I am happy with the answer.

from jwt-auth.

@tymondesigns learning about sentry. Isn't Sentinel a new better option? Or am I mistaken? I guess your abstraction would make possible the usage of any of them

from jwt-auth.

Yep, Sentinel is the latest and greatest, evolved from Sentry - https://cartalyst.com/manual/sentinel/1.0#sentry-vs-sentinel

And yes, any adapter can be used, it just has to adhere to the AuthInterface 😄

from jwt-auth.

Bah, Sentinel is paid and Sentry doesn't allow stateless logins. So one option forces you to have a rememberme token and the other will create a session you want it or not. Laravel keeps on disappoint me, really really inflexible if you want to step out of what they do.

Sorry for the rant.

from jwt-auth.

Oh yea, I totally forgot that Sentinel wasn't open source 👎

I hear what you're saying about Laravel Authentication being too opinionated towards traditional methods. And I agree that it could be tweaked to provide a nicer way to integrate stateless auth. (I think I might open a discussion about this topic)

But the main annoyance here is that it is forcing you to implement those extra methods in the interface when they're not needed right? I mean, they have provided ways of authenticating without state via the onceBasic() method and onceUsingId() etc

I suppose for the purpose of a tutorial you could simply stick with the default Laravel User model ?

P.S. I also looked at Confide but it also seems that their inerface extends Laravel's :(

from jwt-auth.

You have to implement those extra methods for nothing, maybe return null and pray it won't break. I am not ranting because there is no clean way to implement JWT, I am ranting because Laravel is too opinionated on classic apps and I only see walls when I try my frontend stuff on it.

And it is not about the tutorial itself, I am looking for a good backend for my Angular apps and so far Laravel is not.

from jwt-auth.

Ah ok, I get ya...

When building APIs in Laravel, I tend to use dingo/api (https://github.com/dingo/api). It actually has in-built integration with this jwt-auth package, and also oauth2.

Any initial thoughts?

from jwt-auth.

I am using Sentinel and the Dingo API package. I am not needing the ability to create users via the API so I am just in this for the authentication. I assume I can authenticate via Sentinel and upon success, issue a token. All theory, but I am hoping it will do what I am expecting.

from jwt-auth.

Theory proved correct. Sentinel provides a stateless auth that returns a user object. Then I can generate the token from the user object with JWTAuth::fromUser($obj)

from jwt-auth.

@wagonerwebworks Glad to hear..

Also you could implement the AuthInterface for further integration.

E.g. then you could run:

$token = JWTAuth::attempt($credentials);

an example with Sentry #59

from jwt-auth.

That is interesting, might give it a try. My login controller method is at 3 lines current and pretty happy with that.

from jwt-auth.

@Foxandxss @tymondesigns FYI guys, Sentinel has been open source for a couple weeks now, and they're holding an Indiegogo campaign: https://www.indiegogo.com/projects/sentinel-open-source

from jwt-auth.

@kz Interesting, but sadly I am not interested anymore.

from jwt-auth.