From 1a98e7937d4ca84ab67d1b0266e2ee5e779bd0f9 Mon Sep 17 00:00:00 2001
From: Pig Fang <g-plane@hotmail.com>
Date: Fri, 26 Apr 2019 18:58:12 +0800
Subject: [PATCH] Return empty string when JWT auth failed

---
 app/Http/Controllers/AuthController.php | 2 +-
 tests/AuthControllerTest.php            | 5 +++++
 2 files changed, 6 insertions(+), 1 deletion(-)

diff --git a/app/Http/Controllers/AuthController.php b/app/Http/Controllers/AuthController.php
index f444bd43..7744a9d6 100644
--- a/app/Http/Controllers/AuthController.php
+++ b/app/Http/Controllers/AuthController.php
@@ -259,7 +259,7 @@ class AuthController extends Controller
         $token = Auth::guard('jwt')->attempt([
             'email' => $request->email,
             'password' => $request->password
-        ]);
+        ]) ?: '';
 
         return json(compact('token'));
     }
diff --git a/tests/AuthControllerTest.php b/tests/AuthControllerTest.php
index 3c491d6e..92e74c24 100644
--- a/tests/AuthControllerTest.php
+++ b/tests/AuthControllerTest.php
@@ -550,6 +550,11 @@ class AuthControllerTest extends TestCase
             'password' => '12345678'
         ])->decodeResponseJson('token');
         $this->assertTrue(is_string($token));
+
+        $this->postJson('/api/auth/login', [
+            'email' => $user->email,
+            'password' => '123456789'
+        ])->assertJson(['token' => '']);
     }
 
     public function testApiLogout()