Laravel - Sanctum Remove Database Id From Generated Token

Question

Currently I am building rest API using Laravel. For authentication, I am using the Sanctum package. Every time a user is logged in it generate a token that looks like this:

"token": "98|b45h97e17VVpugjO71wwURoicIqDQP2ejTkCWwoD"

But why Sanctum includes the database id with the token?

How to remove the database id from the token?

I would also like to learn how to do this. It doesn't serve my purposes to have the ID prepended to the token, but I don't want to mess up Sanctum's token verification by manually editing it after creation. — Drowsy, Mar 25 '22 at 13:23

score 2 · Answer 1 · answered Apr 21 '22 at 10:00

I just looked through the source history and found that the ID was introduced in a well-named commit called more performant tokens lookup, so that is the reason the ID is part of the token.

But if you look at the code loading/verifying the token there is a fallback at the beginning in case there is no ID. So you can simply remove it from the token, for example by overriding the findToken method.

Yudiz Solutions · Answer 2 · 2021-09-07T12:49:38.963

1

try this,

Option 1:-

In Controller:-

$token = $user->createToken(''project_name')->plainTextToken;
$auth_token = explode('|', $token)[1];

Option 2:-

In postman Refer image:-

edited Sep 07 '21 at 12:49

answered Sep 07 '21 at 11:03

Yudiz Solutions

4,216
2
7
21

Option 1: how sanctum verify this token? since you modified the original token. – Biswajit Biswas Sep 07 '21 at 11:36

Laravel - Sanctum Remove Database Id From Generated Token

2 Answers2

Linked