We are creating an application, I am using php and jwt for login and authenticate.
I create the jwt code, but when I decode it on its official site, I encountered a signature error .
here is my code :
<?php
require 'vendor/autoload.php';
use FirebaseJWTJWT;
use FirebaseJWTKey;
define('SECRET_KEY', '4b3403665fea6bfb0e5e861195554e524f3a69e8e8b2cda1d52e3dba20f98f2a');
define('ACCESS_TOKEN_EXPIRY', 15 * 24 * 60 * 60);
define('REFRESH_TOKEN_EXPIRY', 30 * 24 * 60 * 60);
function generateToken($userId, $expiry) {
$payload = [
'iss' => 'your_issuer',
'sub' => $userId,
'iat' => time(),
'exp' => time() + $expiry
];
return JWT::encode($payload, SECRET_KEY, 'HS256');
}
function generateTokens($userId) {
$accessToken = generateToken($userId, ACCESS_TOKEN_EXPIRY);
$refreshToken = generateToken($userId, REFRESH_TOKEN_EXPIRY);
return ['accessToken' => $accessToken, 'refreshToken' => $refreshToken];
}
$input_data = json_decode(file_get_contents("php://input"), true);
$username = isset($input_data['username']) ? $input_data['username'] : '';
$password = isset($input_data['password']) ? $input_data['password'] : '';
$valid_username = 'test';
$valid_password = 'password';
if ($username === $valid_username && $password === $valid_password) {
$userId = 123;
$tokens = generateTokens($userId);
echo json_encode($tokens);
} else {
http_response_code(401);
echo json_encode(['error' => 'Invalid credentials']);
}
?>