Authentication with JWT Laravel 5 without password

Generating token for the customers (without password) can be achieved through

$user = \App\Modules\User\Models\UserModel::whereEmail('[email protected]')->first();
$userToken=JWTAuth::fromUser($user);

Here $userToken will stores the token after existence check of email in the table configured in UserModel file.

I have assumed that you stores both customer and moderators in the same table, there must be some flag to discriminate among them. Assume the flag is user_type

$token = null;
$user = \App\Modules\User\Models\UserModel::whereEmail('[email protected]')->first();
if($user['user_type'] == 'customer'){
   $credentials = $request->only('email');
   $token =JWTAuth::fromUser($user);
}else if($user['user_type'] == 'moderator'){
   $credentials = $request->only('email','password');
   $token = JWTAuth::attempt($credentials);
}else{
   //No such user exists

}
return $token;

As far as custom claims are concerned these are custom defined payloads which can be attached to token string.

For example, JWTAuth::attempt($credentials,['role'=>1]); Will attempt to add role object to token payload. Once you decode the token string through JWT Facade JWTAuth::parseToken()->getPayload(); you in turn get all payloads defined in required_claims under config/jwt.php with additional role payload.

Refer https://github.com/tymondesigns/jwt-auth/wiki/Creating-Tokens#creating-a-token-based-on-anything-you-like Let me know in case you requires anything else.

try with this:

$user=User::where('email','=','[email protected]')->first();

if (!$userToken=JWTAuth::fromUser($user)) {
            return response()->json(['error' => 'invalid_credentials'], 401);
        }

return response()->json(compact('userToken'));

it works for me, hope can help