I’m working on a Laravel project where I’m using JWT (JSON Web Token) for user authentication. The authentication process seems to work correctly, as the JWT token is available in the browser’s Dev Tools as a cookie when the user logs in.
However, I’ve implemented middleware to protect certain routes and check for the presence of this JWT cookie, but the middleware logs an error stating that the cookie is not found or the user is not authorized, even though the cookie is clearly present in the browser.
CheckUserJWT.php
namespace AppHttpMiddleware;
use Closure;
use TymonJWTAuthFacadesJWTAuth;
use TymonJWTAuthExceptionsJWTException;
use IlluminateSupportFacadesLog;
class CheckUserJWT
{
/**
* Handle an incoming request.
*
* @param IlluminateHttpRequest $request
* @param Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
// Check if the user JWT cookie exists
if ($request->hasCookie('user')) {
$token = $request->cookie('user');
Log::info("Cookie exists");
try {
// Attempt to authenticate the user using the JWT token
$user = JWTAuth::setToken($token)->authenticate();
// Check if the user is a regular user
if ($user && $user->role === 'USER') {
return $next($request);
}
} catch (JWTException $e) {
Log::error('JWT Authentication error: ' . $e->getMessage());
// Handle token expiration or invalid token
return redirect()->route('login');
}
}
Log::warning('User cookie not found or user is not a regular user.');
// If the cookie doesn't exist or user is not a regular user, redirect to login
return redirect()->route('login');
}
}
The middleware is applied to the user.home route:
Route::middleware(CheckUserJWT::class)->group(function () {
Route::get('/user/home', function () {
return view('user.home');
})->name('user.home');
});
Issue:
Even though the JWT token is visible in the browser’s Dev Tools under the “Cookies” section, the middleware logs the following warning:
User cookie not found or user is not a regular user.