Adding payload to the JWT

[dan-lutd]

Laravel 8.65
"php-open-source-saver/jwt-auth": "^1.2",

How do I add payload to the JWT?
Payload : userId, deviceID, deviceName and platform

I can get the userId with

    public function getJWTCustomClaims($device_id = '')
    {
        return [
            'userId' => $this->id,
            'device_id' => $device_id,
        ];
    }

but I am not sure how to pass the other payload fields to this function.

My login script:

public function login() {
    $credentials = request(['email', 'password']);

    $deviceId = request(['device_id']);
    Log::info($deviceInfo);

    //->user()->getJWTCustomClaims($deviceId)

    if (! $token = auth()->attempt($credentials)) {
        return response()->json(['error' => 'Unauthorized'], 401);
    }

    return $this->respondWithToken($token);

}

[eschricker]

I am not sure if its meant to be used in this way or if there are any side effects, but you could try the following:

use PHPOpenSourceSaver\JWTAuth\JWT;

...

public function login(JWT $jwt, Request $request)
{
    $credentials = $request->only(['email', 'password']);

    $deviceId = $request->input('device_id');

    $jwt->getPayloadFactory()->deviceId($deviceId);

    if (!$token = Auth::attempt($credentials)) {
        return response()->json(['error' => 'Unauthorized'], 401);
    }

    return $this->respondWithToken($token);
}

[dan-lutd]

That did work to add a field to the payload,

I have since learned that tokens are not written to a database table,
That is where I would keep the extra data, extracted from the payload for db queries.
Since we are using Heroku the storage of tokens in the filesystem won't work.
Heroku has an Ephemeral filesystem: reloaded when env changes, updates, and once every 24 hours.
Obviously we have to store in the DB or use a service like redis or AWS for storing files.