i'm using tymondesigns/jwt-auth package and i'm having a very strange issue when trying to authenticate an user using curl. JWTAuth::attempt($credentials) always returns false even though the credentials are corrent cause. I tested it using the HttpRequester addon on firefox and it works with it, it returns the token, why it wouldn't work with curl?
this is the authentication code
try {
//i checked that the credentials are correctly received at this point, even when using curl
if (! $token = JWTAuth::attempt($credentials)) {
return response()->json(['error' => 'invalid_credentials'], 401);
}
} catch (JWTException $e) { }
have you seen anything similar before?
This is the curl i'm using in the client
//set headers
$headers=[];
if($method == 'post'){
$headers[]= 'Content-Type: application/x-www-form-urlencoded';
}
else{
$headers[]='Content-Type: text/plain; charset=UTF-8';
}
if(isset($apiToken) && $apiToken != ''){
$headers[]= 'Authorization: Bearer '.$apiToken;
}
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
if($method == 'post'){
curl_setopt($ch, CURLOPT_POST, true);
if(isset($parameters)){
curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($parameters));
}
}
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_AUTOREFERER, 1);
curl_setopt($ch, CURLOPT_FRESH_CONNECT, 1);
$result['content'] = curl_exec($ch);
the $parameters array only contains email and password, as far as i understand JWTAuth::attempt() only needs those to work (and as a matter of fact it does work from Firefox HttpRequester) perhaps it has to do with the laravel's guard system or something?
Update:
I've tested with GET method instead of POST but i got the same result, it is not authorizing neither
I've just tested it using the command line curl and it is working, this is what i did:
curl -X GET 'http://myapi.cc/api/auth?email=XXXXXX&password=XXXXX'
Aparently it is something with the PHP Curl that is causing this issue