jwt-auth | Vault plugin | Authentication library

For this project, I have a monorepo with 2 workspaces (api and frontEnd). I have upgraded node from V10 to V16 recently and the migration is almost complete. I can run it locally, but building is not possible anymore.

When I run yarn workspace api start:dev, defined in api/package.json as "start:dev": "cross-env NODE_ENV=development npx ts-node-dev -r dotenv/config -r tsconfig-paths/register --respawn --transpile-only src/index.ts", it runs smoothly on localhost.

When I run yarn workspace api build:ts, defined in api/package.json as yarn run tsc, I get errors of the following type (I kept only 1 error per file to respect the question character limit, but there are over 2000 lines):

When I try to get token with login function I get this error

TypeError: Argument 1 passed to Tymon\JWTAuth\JWTGuard::login() must be an instance of Tymon\JWTAuth\Contracts\JWTSubject, instance of App\Models\User given, called in ...\vendor\tymon\jwt-auth\src\JWTGuard.php on line 127 in file ...\vendor\tymon\jwt-auth\src\JWTGuard.php on line 140

Here my login function:

I have an e2e test where I test the registration (email unique)

The Test is:

I am using 'tymon/jwt-auth' in Laravel 8. I followed the steps exactly as on 'https://jwt-auth.readthedocs.io/en/docs/laravel-installation/', but I still always get 401 Unauthorized.

I cannot figure out the cause of it while debugging in Postman and I am not doing anything different than what the guy in the tutorial was doing. I looked up online and some suspect it could be that the password is not read as an encrypted string (md5). Any thoughts?

Currently i'm using laravel lumen version 8 for API and i want to integrate laravel/passport for OAuth authorization for the API but when i try to install laravel/passport i get the following error and cannot install laravel/passport for the project. I tried installing dusterio/lumen library for laravel/passport but the package had also some issue with lumen 8.

I'm using angular and Laravel for user authentication followed this link :

https://www.positronx.io/laravel-jwt-authentication-tutorial-user-login-signup-api/ https://www.positronx.io/laravel-angular-token-based-authentication-with-jwt/

Authentication is working, this is login function :

I'm working on a project with Symfony 5.3 with PHP 8.0.12. I've been developing it on my own computer, it's working well. I now want to deploy it on a remote container.

However when I start the Symfony built in Webserver I'm getting the following error when accessing any of the defined routes:

I'm going to get so many "okay grandpa" comments for this one.

I've read a dozen articles and every SO question I could find on this subject.

I must have been away too long or missed something completely, because I swear that user authentication used to be very simple. I seem to recall built-in methods and a session on the server simply knowing who the user was via a cookie or similar, with the ability to store information "in session". I don't recall even setting up authentication in years past, it was just built-in to new applications.

Instead, the most succinct guide I could find is very involved. I think I need a token authorization/authentication setup because there may be consumers (like apps) who don't have a typical cookie pattern these days. In my head, the token works like a cookie except it's manually held on the user end and passed via header with each request?

To its credit, the guide worked, at least for logging in and correctly utilizing the simple Authorize attribute in controllers. However, User.Identity.Name is always empty, even when User.Identity.IsAuthenticated is true, which is perplexing.

How I think auth is working:

• User request hits API with username/password
• Service checks the combination, and returns an encrypted JWT to the user
• The user sends the JWT back with every request
• The server decrypts this JWT to identify the user - this is probably where I'm wrong

So here is where my question comes in:

I need more data about the user, like access to the entire UserModel with every request, but I don't want to go to the database to find it every time. This is where I think there should just be a session object in memory, but that doesn't appear to be the case with token authentication.

TL;DR:

Where do I put user-specific, short-term ("session") information for consumption in future requests where a user is identified with a JWT in the Authorization header instead of a cookie?

• Session state isn't right, because it's hard-wired to a cookie
• HttpContext.Items aren't right, because it's just for the one request
• Cache storage isn't right, because it's not user/session specific. I could potentially create a session-like user-keyed storage here but that seems way, way over-engineered for this.
• Basically anything where I'm passing all the data (not just a user identifier) to the client then relying on the client to pass it back seems wrong? But feel free to correct me.

Extended from: Drf how to: simple-jwt authenticating without the USERNAME_FIELD

I was trying to figure out how to authenticate a user with a field that is not set as the USERNAME_FIELD and faced some issues, it lets me input in the correct data fields, but it never authenticates

I'm using this snippet from the previous questions answer: