How to refresh token? about lumen-jwt HOT 11 CLOSED

Could you please copy-paste your cURL request + response here?

from lumen-jwt.

Here it is man @krisanalfa

from lumen-jwt.

Have you done any authentication request before accessing refresh endpoint?

from lumen-jwt.

@krisanalfa Yes. Else, i will be receiving different error if not authenticated right?

I've tried to take out this route outside the middleware and it works fine. But will it be the best practice?

$api->patch('/auth/refresh', [
'uses' => 'App\Http\Controllers\Auth\AuthController@patchRefresh',
'as' => 'api.auth.refresh']);

from lumen-jwt.

No. You should use auth middleware for refresh endpoint. Because any refreshed token should be a valid token, it represents a single session for a user. Mine is working here.

After you logged in, can you access /api/auth/user endpoint?

from lumen-jwt.

Yeah, all endpoints are working fine so long as token still valid. But the moment it expired, I can't able to refresh the token.

from lumen-jwt.

Let me know if you want the steps to reproduce this

from lumen-jwt.

@krisanalfa does the refresh endpoint is working on your end when you pass an expired token?

from lumen-jwt.

No. Refreshed token should be a valid token. Which is expired token would be rejected.

from lumen-jwt.

Hmm, i see. But I believe you don't want the user to re-authenticate(bring back to login) if the token expired right? Should just refresh and you'll get a new access token.

from lumen-jwt.

Yeah, you need to re-login before refreshing the token (only if you got token expired).

from lumen-jwt.