[FIXED] Laravel - JWT Auth The token could not be parsed from the request

Issue

I have added following code in my middleware for user authentication with JWT Auth, which works fine for all the routes handled by the middleware.

public function handle($request, Closure $next)
{
    if ($request->has('token')) {
        try {
            $this->auth = JWTAuth::parseToken()->authenticate();
            return $next($request);
        } catch (JWTException $e) {
            return redirect()->guest('user/login');
        }
    }
}

But for one route with Post Method where the token is getting passed properly but still I am getting :

JWTException - The token could not be parsed from the request

on the same route when I tried :

public function handle($request, Closure $next)
{
    if ($request->has('token')) {
        try {
            dd($request->input('token'));
            $this->auth = JWTAuth::parseToken()->authenticate();
            return $next($request);
        } catch (JWTException $e) {
            return redirect()->guest('user/login');
        }
    }
}

Output :

"eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9iaXNzIjoiaHR0cDpcL1wvbG9jYWxob3N0OjgwMDFcL2F1dGhcL2xvZ2luIiwiaWF0IjoxNDcyNTI4NDU0LCJleHAiOjE0NzI1MzIwNTQsIm5iZiI6MTQ3MjUyODQ1NCwianRpIjoiM2E0M2ExYTZlNmM5NjUxZDgxYjZhNDcxMzkxODJlYjAifQ.CH8ES2ADTCrVWeIO8uU31bGDnH7h-ZVTWxrdXraLw8s"

I am able to see the Valid Token which I am using to access another routes and which is working flawlessly for all other routes.

Thanks in advance!!!

Solution

From your description, I checked source file of JWT Auth.

In class Tymon\JWTAuth\JWTAuth line 191 - 219 , there are two functions:

/**
 * Parse the token from the request.
 *
 * @param string $query
 *
 * @return JWTAuth
 */
public function parseToken($method = 'bearer', $header = 'authorization', $query = 'token')
{
    if (! $token = $this->parseAuthHeader($header, $method)) {
        if (! $token = $this->request->query($query, false)) {
            throw new JWTException('The token could not be parsed from the request', 400);
        }
    }

    return $this->setToken($token);
}

/**
 * Parse token from the authorization header.
 *
 * @param string $header
 * @param string $method
 *
 * @return false|string
 */
protected function parseAuthHeader($header = 'authorization', $method = 'bearer')
{
    $header = $this->request->headers->get($header);

    if (! starts_with(strtolower($header), $method)) {
        return false;
    }

    return trim(str_ireplace($method, '', $header));
}

Check the logic of them, I believe your request header is not properly provided.

if (! $token = $this->parseAuthHeader($header, $method)) { // all your get method not passed this step
   if (! $token = $this->request->query($query, false)) { // all your post method stucked here 
       throw new JWTException('The token could not be parsed from the request', 400);
   }
}

A properly formatted header looks like this :

http POST http://${host}/api/v1/product/favorite/111 "Authorization: Bearer ${token}"

That's all I can offer to you, hope it will help you through your thoughts. If it won't you can still debug those two functions.

Answered By - Raymond Cheng