I'm trying to check and refresh my token on certain api calls, so I've created my own middleware and added it to my Kernel.php $routeMiddleware. Then I added this to the middleware group where I want to check and - if necessary - refresh the token. However, when I login, it also calls this middleware though the login call isn't inside the middleware group, thus I get a 500 error: "The token could not be parsed from the request". I also noticed that the middleware gets called even when removing the 'cors' from the group middleware... Any help would be much appreciated!
This is the code for the middleware:
class Cors
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
$response = $next($request);
try
{
if (! $user = JWTAuth::parseToken()->authenticate() )
{
return response()->json(['user_not_found'], 404);
}
}
catch (TokenExpiredException $e)
{
try
{
$refreshed = JWTAuth::refresh(JWTAuth::getToken());
$response->header('Authorization', 'Bearer ' . $refreshed);
}
catch (JWTException $e)
{
return response()->json(['couldnt refresh token'], 404);
}
$user = JWTAuth::setToken($refreshed)->toUser();
}
catch (JWTException $e)
{
return response()->json(['error trying to parse token'], 404);
}
Auth::login($user, false);
return $response;
}
}
These are my routes:
Route::group(['middleware' => ['api','jwt.auth', 'cors']], function() {
Route::get('logout', 'AuthController@logout');
Route::get('user', 'AuthController@getUser');
Route::get('movies/{page}', 'MovieController@index');
Route::get('movie/{id}', 'MovieController@getMovieByID');
Route::get('movies/search/{string}', 'MovieController@getMovieByTitleGenreDirector');
Route::get('movie/{id}/recommendations', 'MovieController@getMovieRecommendations');
});
