11

I am trying to generate token by verifying other fields and table rather than email and password of user table. I am using tymon jwt library.

I have three fields that need to be verified to authenticate the user

 table::where(["id"=>"1","mobile"=>"123","otp"=>"asdf"])->get();

So If I found the rows matching this condition in table then I want to authenticate the user and generate valid token with required claims.

What I have tried so far is :

//after check for three fields in DB. If row matches then, $id and $contact are variable from DB.
$customClaims = ['id' => $id, 'mobile' => $contact];

$payload = JWTFactory::make($customClaims);

When trying this I got JWT payload does not contain the required claims.

So how to authenticate user with three field and generate valid token with required claims and $customClaims.

Edited

 public function verifyOTP(Request $request) {
    $otp = $request->otp;
    $schoolid = $request->schoolid;
    $parent_contact = $request->contactNum;
    $verifyOTP = OTP::where(['schoolid' => $schoolid, 'parent_numb' => $parent_contact, 'otp' => $otp])->get();
    if ($verifyOTP) {

        $customClaims = ['schoolid' => $schoolid, 'parent_numb' => $parent_contact];

        $payload = JWTFactory::make($customClaims);

        $token = JWTAuth::encode($payload);
        return $token;
    }
}
Abilogos
  • 4,777
  • 2
  • 19
  • 39
user254153
  • 1,855
  • 4
  • 41
  • 84
  • Can you share all related code ? – Niklesh Raut Apr 18 '18 at 03:20
  • @C2486 please refer to full code in edited section. – user254153 Apr 18 '18 at 14:28
  • What you are looking for is `\Tymon\JWTAuth\Facades\JWTAuth::fromUser($user, $customClaims = [])` where `$user` is some kind of entity with `id` field available. The error you got here is because given claims does not contain required ones - 'iss', 'iat', 'exp', 'nbf', 'sub', 'jti'. You can fill them manually or use the given method. – Giedrius Kiršys Apr 20 '18 at 15:22
  • 1
    @GiedriusKiršys why don't you write an answer if you know the solution? – jps Apr 23 '18 at 11:41

1 Answers1

0

In this case Crypt will become so handy, I do not know if you want to do any authentication later. Crypt will help you encrypt and decrypt.

Make trait or any other class, you do not have to worried much on Encrypt and Decrypt, Crypt can take care. I built Mobile API using Crypt

Encrypt: Crypt::encrypt($value);

Decrypt: Crypt::decrypt($value);

More info: https://laravel.com/docs/5.2/encryption

Gabriel
  • 970
  • 7
  • 20
  • encryption and decryption is not only the thing JWT does. JWT need to authenticate based on that fields and verify with server secret key also. – user254153 Apr 15 '18 at 14:57
  • Yes. Like wise encrypt decrypt and lifetime of those depends on how you want to handle. Depends on how you create or how you architect it. – Gabriel Apr 15 '18 at 15:37
  • 2
    Is this even an answer to the question above? How does it solve the OPs problem of missing claims in the JWT? – jps Apr 25 '18 at 08:58