Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update custom claims with refresh token #204

Open
mattvb91 opened this issue Jan 18, 2023 · 3 comments
Open

Update custom claims with refresh token #204

mattvb91 opened this issue Jan 18, 2023 · 3 comments
Labels
bug Something isn't working

Comments

@mattvb91
Copy link

Im having the same issue as in this issue over in the old repo: tymondesigns/jwt-auth#891

The short of it is, I have a custom claim in my user model:

 public function getJWTCustomClaims()
    {
        return [
            'email_verified_at' => $this->email_verified_at,
        ];
    }

However the getJWTCustomClaims() function is never called when a token is refreshed.

Associated PR from old repo: tymondesigns/jwt-auth#1619

I have tried getting it running quickly by using the above PR as a reference but I am missing the authenticate() function in this repo so its not a quick fix unfortunately.

@mattvb91 mattvb91 added the bug Something isn't working label Jan 18, 2023
@Messhias
Copy link
Collaborator

Provide your model code, please.

Thanks.

@ajayfroiden
Copy link

How can we add custom claims with for refresh token

Earlier

$newToken = JWTAuth::fromUser($user, [
                           'exp' => Carbon::now()->addMinutes(config('jwt.ttl'))->timestamp,
                           'remember' => 0
                    ]);

We need
something like

auth()->claims( [
                         'exp' => Carbon::now()->addMinutes(config('jwt.ttl'))->timestamp,
                         'remember' => 0
                  ])->refresh()

@mfn
Copy link
Contributor

mfn commented Feb 21, 2024

However the getJWTCustomClaims() function is never called when a token is refreshed.

Upfront: it works for me.

Does your User model have the interface \PHPOpenSourceSaver\JWTAuth\Contracts\JWTSubject implemented, and not just the method added?

I tested this with:

class User extends Model implements AuthenticatableContract, AuthorizableContract, CanResetPasswordContract, JWTSubject
…
    public function getJWTCustomClaims()
    {
        return [
            'foo' => 'bar',
        ];
    }
…

and then did in artisan tinker:
('api')->tokenById(<my user id>);
and checked it in https://jwt.io/ and the custom claim is there:
image

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug Something isn't working
Projects
None yet
Development

No branches or pull requests

4 participants