expired token still fetching data

[shaan100]

i am still facing same issue before, the plugin does not validate token from database.

Application.php in cakephp 5 using authentication/authorization plugin for handing the login/logout

$service->loadIdentifier('Authentication.Token'); $service->loadAuthenticator('Authentication.Token', [ 'queryParam' => 'token', 'header' => 'Authorization', 'tokenPrefix' => 'Bearer' ]);
in my database table there is token_expiration field and token field even token_expire field but still does not invalidate token which one have already expired

[rrd108]

Do you have your code somewhere online? I would take a look.

[shaan100]

Login Method

Token generate method for 1 minute only for testing purpose

Application.php
Authorization

please sir help me.. why my token not expired after one minute

[shaan100]

Do you have your code somewhere online? I would take a look.

i shared screenshots

[rrd108]

You do not have to use $service->loadAuthenticator('Authentication.Token')

This is automatically done by the plugin.

Instead of this you need a config/apiTokenAuthenticator.php file described here: https://github.com/rrd108/api-token-authenticator?tab=readme-ov-file#changing-the-default-settings

I think the way you do is overwrite the plugins behaviour.

I would reccomend go throught the README and follow it step by step. If you need something else then what is described, post it here and I will help sort it out.