Laravel Passport tokensExpireIn seems unworkable
I am using Larave 5.4 passport to create SPA application. However, I was able to get the authentication work done. but the access token are always short-lived tokens with an expiration of 600s.
I could not increase the expiration time with:
Passport::tokensExpireIn(Carbon::now()->addDays(15));
Passport::refreshTokensExpireIn(Carbon::now()->addDays(30));
it has no effect.
any help? thank you in advance.
source to share
Personal access tokens are always durable . Their lifetime does not change when using methods tokensExpireIn
or refreshTokensExpireIn
- as explained in the official Laravel documentation ( https://laravel.com/docs/5.7/passport#personal-access-tokens ).
Being able to edit PassportServiceProvider.php
in the manufacturer's directory is a bad idea. Every time you make an update (e.g composer update/install)
or another developer during development, the code will revert to the status quo and it will start to crash.
The best approach is to use tokens to provide the password . Providing an OAuth2 password allows other third party clients such as a mobile app to obtain an access token using an email address / username and password. This allows you to securely issue access tokens to your third party clients without requiring users to go through the entire OAuth2 authorization code redirection process. Make sure you have installed correctly passport
(see manual: https://laravel.com/docs/5.7/passport#installation ) then run this command
php artisan passport:client --password
Having done this, you can request an access token by submitting a request POST
to /oauth/token
. Remember that this route is already registered by the method Passport::routes
, so there is no need to define it manually. If the request is successful, you will receive access_token
and refresh_token
in a JSON response from the server. See a sample payload below:
{
"grant_type" : "password",
"client_id":"your-client-id",
"client_secret":"your-client-secret",
"username":"twady77@gmail.com",
"password":"123456",
"scope":""
}
Sample response:
{
"token_type":"Bearer",
"expires_in":1296000,
"access_token":"eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImp0aSI6IjVkMWJjN2NhOTU0ZWU2YTZmOGNkMGEyOTFjOTI5YzU4Zjk3ODk3M2YxZDJmNjQ2NjkyZjhjODQyZjYxNTBjZGRiYzMwY2RjMzRmZjJhYmU1In0.eyJhdWQiOiI4IiwianRpIjoiNWQxYmM3Y2E5NTRlZTZhNmY4Y2QwYTI5MWM5MjljNThmOTc4OTczZjFkMmY2NDY2OTJmOGM4NDJmNjE1MGNkZGJjMzBjZGMzNGZmMmFiZTUiLCJpYXQiOjE1NDkyOTI5MjcsIm5iZiI6MTU0OTI5MjkyNywiZXhwIjoxNTUwNTg4OTI3LCJzdWIiOiIxIiwic2NvcGVzIjpbXX0.cSvu30xAT-boA5zmVuxTr0TfH_5MYuVWYi6NVQRbryZSswt8EAFTi5QXHH1f0O63DWnLA6VFBS2AfDe4-ryJZACDnt4gtPJOeuu1rNMZ53MU1vjxnyC8FsYz8v9vmYJsZPKqfTJpuJFYRFh7kkV7uWAmrEkuF3POnDn-GjW50f4i26lIZW5ta5j4nZQrIJCQUEzwXaQtn9H-qef3bTWAaplWaV-k7Blic-0TXXVfWa_CdoKCAzHROVBRWY1Idhe1LJkvGKldUGzUfliiB1x7EVVInq94VYEP5d9__90Z2UMUn5dCEgWkXvcEHYy87_4OSwu4TQk_f3hD82OVOEtJGgPyJqK51WqnQCBYwNtxNjqAW2oaMgpritp3G8nccUiyhkE4Pd_kj3cb2OvSNRXdDS9z-RnJb1OXUkja-4Xe_JfIWUjlTnkss18xMg89hcU_3xtBwUXBWHgffzcbNoI1oOwUL6Whekduiy8csf665v0cnzkPXISmvyGhiMseIlBEN9m9uESaJqD_g7WzbsEs7meI0CAF3230UgrI1MdYSAJMW0mMPF9EScH31a_Qpde5O233Ty6-S4NAp323Wneqs_jpGSfw81CvoI1JeY0hZccRC-MBBsQ2Ox7AM36H5L3p-ybricmT3oCcHEqhufq-ygyfqk1RufJwwRblwYPyaJE",
"refresh_token":"def50200c6b2378110190ac28d9d55f622885bb0b470a20543a6f1eefb18ed93c57b7040dc4db9444aa8853209bde9d5443a407d43fcaf1deb2e1f3f5ea3ce7431c4ec5e111bdc0cc71ca76034cd2a884441c51e4c922dddfa3f6e3a3fa8e1fbb8efe4581ce70d76590e732b3fa8b0c41a8abff4a8759f9dd1cc3ae46134fb67a8f25cd79e3229f6ee3238701ebfe0e8b0e2f14bd13c7fde3f813708a3de9928c8e992850994ca97bf61984cdb846bd0d72916312d9985472fc4293a3b3f2c55e1ef19621ef009623a6780f800ece9c8d835871dc795fda5daa43ac3fdae467e66b46e4eb73d53b8cb821522ee60979711c28c54fb2085f6000ac7e96e019ce51b9f92ea3fa2028aa0238fc3dca9c900e8dd77907782b22482f95a5e55708e5bda8c28f3732ff55e361f08447b33fe05d5646cecfb9faed462d327efdcc2a3742f46f9f825275d296b4ced25c05f3b6add68f43a2b448e4523d5410c631dc45bba"
}
source to share
Try using this library: https://github.com/GeneaLabs/laravel-caffeine and you can look at laravel session config options
source to share
for grant passport symbol
Passport::tokensExpireIn(Carbon::now()->addDays(10));
Passport::refreshTokensExpireIn(Carbon::now()->addDays(15));
This is only adding 10 minutes of expiration time. I don't know how or why, but instead we change the internal codes. i Changed
Passport::tokensExpireIn(Carbon::now()->addDays(10000));
Passport::refreshTokensExpireIn(Carbon::now()->addDays(12000));
It now adds 7 days of expiration. It looks like the addDays function is adding 10,000 minutes.
source to share
I have the same problem for my application, I spent two days trying to find what the problem is. The best solution I have come up with is to change the expiration date directly in the PassportServiceProvider
Go to vendor page / laravel / passport / src / PassportServiceProvider.php 108
new PersonalAccessGrant, new DateInterval('P1Y')
for example to set the expiration date to one week
new PersonalAccessGrant, new DateInterval('P1W')
I know this is a bad solution to solve the problem, I recently found the same problem in the Laravel Git repo
source to share