I am using JWT for authorization (REST API) in my tiny project. JWT looks to be a very suitable for my project.
Let's say I have this code:
$key = "secret";
$token = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWV9.TJVA95OrM7E2cBab30RMHrHDcEfxjoYZgeFONFh7HgQ"
$data = JWT::decode($token, $key, array('HS256'));
This code will return an array as on the official page of JWT.
But if I try to run the following codes:
$key = "secret";
$token = "abc.abc.abc"
$data = JWT::decode($token, $key, array('HS256'));
$key = "secret";
$token = "abc"
$data = JWT::decode($token, $key, array('HS256'));
PHP will issue an exception/error, how can I handle those exceptions/errors so the end-user will not see them (together with my secret key in the error).
I've tried to do the following:
try {
$key = "secret";
$token = "abc"
$data = JWT::decode($token, $key, array('HS256'));
} catch (Exception $e) { // Also tried JwtException
echo 'error';