From zero to confident API dev using JWT and Laravel

installing tymon/jwt-auth package
publishing configuration file
changing default driver
changing default driver for api guard

So why the User model? Why not other models?

default provider for authentication
  1. getJWTIdentifier()
  2. getJWTCustomClaims()

getJWTIdentifier()

getJWTCustomClaims()

User model implementing JWTSubject contract
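
The contract named above, written out as an added example (not the article's own code). The `App` namespace, the `$fillable` columns and the `role` column are assumptions for illustration; `JWTSubject` and its two methods come from tymon/jwt-auth.

```php
<?php

namespace App; // assumption: Laravel 7-style layout (App\Models on Laravel 8+)

use Illuminate\Foundation\Auth\User as Authenticatable;
use Illuminate\Notifications\Notifiable;
use Tymon\JWTAuth\Contracts\JWTSubject;

class User extends Authenticatable implements JWTSubject
{
    use Notifiable;

    // Assumed columns, matching the stock Laravel users table.
    protected $fillable = ['name', 'email', 'password'];

    // Left out of JSON output, so the "me" endpoint never returns the hash.
    protected $hidden = ['password', 'remember_token'];

    /**
     * Value written to the token's "sub" claim. The guard reads it back
     * on every request to load the matching user.
     */
    public function getJWTIdentifier()
    {
        return $this->getKey();
    }

    /**
     * Extra claims merged into the token payload. The payload is signed,
     * not encrypted: anyone holding the token can decode and read it, so
     * keep secrets and personal data out of it.
     */
    public function getJWTCustomClaims()
    {
        return [
            // Hypothetical "role" column. The claim stays as issued until
            // the token expires, so treat it as a hint and re-check
            // authorization against the database on the server.
            'role' => $this->role,
        ];
    }
}
```

Returning an empty array from `getJWTCustomClaims()` is enough when no extra claims are needed.
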
Route::group([

    'middleware' => 'api',
    'prefix' => 'auth' // optional

], function ($router) {

    Route::post('login', 'AuthController@login');
    Route::post('logout', 'AuthController@logout');
    Route::post('refresh', 'AuthController@refresh');
    Route::post('me', 'AuthController@me');

});

<?php

namespace App\Http\Controllers;

use Illuminate\Http\Request;

class AuthController extends Controller
{
    /**
     * Create a new AuthController instance.
     *
     * @return void
     */
    public function __construct()
    {
        $this->middleware('auth:api', ['except' => ['login']]);
    }

    /**
     * Get a JWT via given credentials.
     *
     * @return \Illuminate\Http\JsonResponse
     */
    public function login()
    {
        $credentials = request(['email', 'password']);

        if (!$token = auth()->attempt($credentials)) {
            return response()->json(['error' => 'Unauthorized'], 401);
        }

        return $this->respondWithToken($token);
    }

    /**
     * Get the authenticated User.
     *
     * @return \Illuminate\Http\JsonResponse
     */
    public function me()
    {
        return response()->json(auth()->user());
    }

    /**
     * Log the user out (Invalidate the token).
     *
     * @return \Illuminate\Http\JsonResponse
     */
    public function logout()
    {
        auth()->logout();

        return response()->json(['message' => 'Successfully logged out']);
    }

    /**
     * Refresh a token.
     *
     * @return \Illuminate\Http\JsonResponse
     */
    public function refresh()
    {
        return $this->respondWithToken(auth()->refresh());
    }

    /**
     * Get the token array structure.
     *
     * @param string $token
     *
     * @return \Illuminate\Http\JsonResponse
     */
    protected function respondWithToken($token)
    {
        return response()->json([
            'access_token' => $token,
            'token_type' => 'bearer',
            'expires_in' => auth()->factory()->getTTL() * 60
        ]);
    }
}

protected function respondWithToken($token)
{
    return response()->json([
        'access_token' => $token,
        'token_type' => 'bearer',
        'expires_in' => auth()->factory()->getTTL() * 60
    ]);
}

response after a successful login
passing the token as a query parameter
passing the token as Authorization header with Bearer token type


A software engineer from Bangladesh.

Mehedi Hassan Sunny
