I'm using JWT to generate TOKEN access to my system ... So far it's okay, I'm getting my API and it returns me a Token.
The problem is in the following scenario. - My intention is to work with API in my Web application and would reuse this same API in Mobile. - Using JWT I am generating a TOKEN but in my WEB application I need to redirect the user that does not have this Token to LOGIN screen so it will generate TOKEN and be redirected to the WEB page INDEX. (In the application the treatment is different and not the case here ..)
My problem is that I can not redirect my WEB user to the INDEX page of my system ...
Doubt is my Token, do I need to stay somewhere? Create a session and save that token on it? or what do I do?
My Route is as follows ...
Route::get('/', 'HomeController@getIndex');
Route::group(['prefix' => 'api'], function () {
Route::get('/', function () {
return response()->json(['message' => 'Jobs API', 'status' => 'Connected']);;
});
Route::post('/auth/login', 'UsuarioController@login');
Route::group(['middleware' => ['jwt.auth', 'jwt.refresh']], function() {
Route::post('logout', 'AuthenticateController@logout');
Route::get('/teste', function() {
return response()->json(['foo' => 'bar']);
});
});
});
There in the HomeController class I put in the construct
$this->middleware('jwt.auth');
But every time I enter the main page of my site, it displays the message:
{"error":"token_not_provided"}
My role is to login below:
public function login(AuthenticateRequest $request) {
// Get only email and password from request
$credentials = $request->only('usuario', 'senha');
// Get user by email
$user = User::where('usuario', $credentials['usuario'])->first();
// $company = DB::table('empresas_funcionario')->where('usuario', $credentials['usuario'])->first();
// Validate Company
if(!$user) {
return response()->json([
'result' => false,
'error' => Lang::get('messages.userInvalid')
], 401);
}
// Validate Password
if (md5($credentials['senha']) != $user->senha ) {
return response()->json([
'result' => false,
'error' => Lang::get('messages.passInvalid')
], 401);
}
// Generate Token
$token = JWTAuth::fromUser($user);
// Get expiration time
$objectToken = JWTAuth::setToken($token);
// $expiration = JWTAuth::decode($objectToken->getToken())->get('exp');
return response()->json([
'com' => $user,
'access_token' => $token,
'token_type' => 'gestor'
]);
}
I would like to know if someone has gone through this and how can I do that after the person logs on the Web is redirected to the Index page and / or how do I identify if the token was created so I play it to the Login screen or if I do not play for Index ....
Thanks for the help ...