Update custom claims with refresh token

[mattvb91]

Im having the same issue as in this issue over in the old repo: tymondesigns/jwt-auth#891

The short of it is, I have a custom claim in my user model:

 public function getJWTCustomClaims()
    {
        return [
            'email_verified_at' => $this->email_verified_at,
        ];
    }

However the getJWTCustomClaims() function is never called when a token is refreshed.

Associated PR from old repo: tymondesigns/jwt-auth#1619

I have tried getting it running quickly by using the above PR as a reference but I am missing the authenticate() function in this repo so its not a quick fix unfortunately.

[Messhias]

Provide your model code, please.

Thanks.

[ajayfroiden]

How can we add custom claims with for refresh token

Earlier

$newToken = JWTAuth::fromUser($user, [
                           'exp' => Carbon::now()->addMinutes(config('jwt.ttl'))->timestamp,
                           'remember' => 0
                    ]);

We need
something like

auth()->claims( [
                         'exp' => Carbon::now()->addMinutes(config('jwt.ttl'))->timestamp,
                         'remember' => 0
                  ])->refresh()

[mfn]

However the getJWTCustomClaims() function is never called when a token is refreshed.

Upfront: it works for me.

Does your User model have the interface \PHPOpenSourceSaver\JWTAuth\Contracts\JWTSubject implemented, and not just the method added?

I tested this with:

class User extends Model implements AuthenticatableContract, AuthorizableContract, CanResetPasswordContract, JWTSubject
…
    public function getJWTCustomClaims()
    {
        return [
            'foo' => 'bar',
        ];
    }
…

and then did in artisan tinker:
('api')->tokenById(<my user id>);
and checked it in https://jwt.io/ and the custom claim is there: