Good day! I'm getting to grips with REST APIs on Laravel, and honestly my head already hurts from all this. I figured out the principles: I get a token, send a request to the site with the token and get user data in response. I didn't do much for this: http://jwt-auth.readthedocs.io/en/docs/quick-start/

But here's the problem: if you specify the wrong token in the header (or a token whose time has expired), it redirects to the login page. And here I wanted to use foul language, because before that I also tried laravel/passport and it was the same thing there. The bottom line is that a JSON response with an error should be returned, but instead I get a redirect to the site. I can't get it to work no matter what, and I've reread a pile of articles on the net. I tried to create my own middleware and do the check in it, I tried to add something like this:

    public function handle($request, Closure $next)
    {
        try {
            if (! $user = JWTAuth::parseToken()->authenticate()) {
                return response()->json(['user_not_found'], 404);
            }
        } catch (TokenExpiredException $e) {
            return response()->json(['token_expired'], $e->getStatusCode());
        } catch (TokenInvalidException $e) {
            return response()->json(['token_invalid'], $e->getStatusCode());
        } catch (JWTException $e) {
            return response()->json(['token_absent'], $e->getStatusCode());
        }

        return $next($request);
    }

and not only here, similar code was also written in the middleware ... Well, I can't get rid of it. Plus there is next to no documentation. Tell me what can be done. Maybe you have some links to good articles about this or examples of how it is done (both on jwt-auth and on laravel/passport; I like the latter more, there is more or less documentation, plus I can see where tokens and other data are stored in the database, but I don't understand how jwt works). Please don't throw stones, I am new to this business: I have been studying Laravel for about 2 months, and the API for less than a week ... If you need any other info, I'm ready to provide it.

  • I suspect that the whole problem is in the auth middleware, since by default, if you try to access a page where authorization is needed and you are not authorized, it redirects you - Orange_shadow
  • Try changing unauthenticated in Exceptions > Handler.php, or add Accept: application/json to the request header - Orange_shadow
  • Thank you so much! Adding Accept: application/json helped! I returned to the branch where I did the same thing with the help of laravel/passport and everything works fine there. And could you say more about this "change unauthenticated"? Just in case, it would be nice to know))) Thank you again! - makz

1 answer

To get a response in JSON format, you must send Accept: application/json in the headers of all requests.

You can also change the logic of what to do in case of an error. If you look at the class that Exceptions > Handler.php extends, it is the class

    use Illuminate\Foundation\Exceptions\Handler as ExceptionHandler;

there is a method in it:

    protected function unauthenticated($request, AuthenticationException $exception)
    {
        return $request->expectsJson()
            ? response()->json(['message' => $exception->getMessage()], 401)
            : redirect()->guest(route('login'));
    }

You can override it in your Handler.php and write any logic.
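
The override described in the answer, as an added example that is not part of the original answer or of Laravel's own code. It assumes API routes are registered under the `api/` prefix and that a named `login` route exists for the web UI; it returns a JSON 401 for API routes even when the client did not send Accept: application/json.

```php
<?php

namespace App\Exceptions;

use Illuminate\Auth\AuthenticationException;
use Illuminate\Foundation\Exceptions\Handler as ExceptionHandler;

class Handler extends ExceptionHandler
{
    /**
     * Convert an authentication failure into a response.
     *
     * API requests always get a JSON 401, so a client that forgets the
     * Accept header is never redirected to the HTML login page.
     * Browser requests keep the default redirect.
     */
    protected function unauthenticated($request, AuthenticationException $exception)
    {
        // Assumption: API routes live under the "api/" prefix.
        // Adjust the pattern if your routes are registered elsewhere.
        if ($request->expectsJson() || $request->is('api/*')) {
            return response()->json(
                // Fixed generic message: the body does not depend on
                // which guard or token check failed.
                ['message' => 'Unauthenticated.'],
                401,
                ['WWW-Authenticate' => 'Bearer']
            );
        }

        // Assumption: a named "login" route exists for the web UI.
        return redirect()->guest(route('login'));
    }
}
```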