API authentication using JWT in Laravel 5.4 tutorial with example

API authentication using JWT in Laravel 5.4 tutorial with example

In this example, you will know how to implement api authentication in Laravel 5.4 using JWT with example.

This is very important to implement authentication in web application.

JWT (JSON Web Token) is usually used to send information that can be trusted and verified by means of a digital signature.

Now question is when should you use JSON Web Tokens ?

This is very common scenario for all the web application where you need to set restriction over request, you allow user to access services, resources and interaction with the database with the help of security token and JSON Web Tokens are a best way to transfer information between parties in secure way.

JWT allow these all feature to apply api authentication and normally used in HTTP Authorization headers.

Using JWT is a good way to apply security on your RESTful API services that can be used to enter into your database.

Install the JWT handler package

In this step, I will install the tymon/jwt-auth package for api authentication.

Run following command to install package :

composer require tymon/jwt-auth
Update the config/app.php for JWT package

In this step, I will update the config/app.php to add service provider and their aliase.

'providers' => [
'aliases' => [
	'JWTAuth' => 'Tymon\JWTAuth\Facades\JWTAuth'

Now publish the JWT configuration file, once you have successfully published then you will see a new file created in following path config/jwt.php.

To publish the configuration file in Laravel you need to run following line of code :

php artisan vendor:publish --provider="Tymon\JWTAuth\Providers\JWTAuthServiceProvider"

Now for token encryption, I need to generate a secret key by running following line of code :

php artisan jwt:generate
Add route

In this step, I will define routes for register a new user, login with user credentials and get the authenticated user details by using token.

  1. Route::post('auth/register', 'UserController@register');
  2. Route::post('auth/login', 'UserController@login');
  3. Route::group(['middleware' => 'jwt.auth'], function () {
  4. Route::get('user', 'UserController@getAuthUser');
  5. });

As you can see in above routes, I used middleware so If successfully authenticated then you will get user details from the database.

The main aspect of this tutorial will be on how I can generate JWTs on the back-end (Laravel) side and obtain them on the front-end and then pass the generated token with each request to the API.

Ok, Now I will create middleware to check if the token is valid or not and also You can handle the exception if the token is expired.

php artisan make:middleware VerifyJWTToken

Using this middleware, you can filter the request and validate the JWT token.

Now open your VerifyJWTToken middleware and put below line of code.

  1. <?php
  2. namespace App\Http\Middleware;
  3. use Closure;
  4. use JWTAuth;
  5. use Tymon\JWTAuth\Exceptions\JWTException;
  6. use Symfony\Component\HttpKernel\Exception\UnauthorizedHttpException;
  7. class VerifyJWTToken
  8. {
  9. /**
  10. * Handle an incoming request.
  11. *
  12. * @param \Illuminate\Http\Request $request
  13. * @param \Closure $next
  14. * @return mixed
  15. */
  16. public function handle($request, Closure $next)
  17. {
  18. try{
  19. $user = JWTAuth::toUser($request->input('token'));
  20. }catch (JWTException $e) {
  21. if($e instanceof \Tymon\JWTAuth\Exceptions\TokenExpiredException) {
  22. return response()->json(['token_expired'], $e->getStatusCode());
  23. }else if ($e instanceof \Tymon\JWTAuth\Exceptions\TokenInvalidException) {
  24. return response()->json(['token_invalid'], $e->getStatusCode());
  25. }else{
  26. return response()->json(['error'=>'Token is required']);
  27. }
  28. }
  29. return $next($request);
  30. }
  31. }

The try block in handle method check if requested token is verified by JWTAuth or not if it is not verified then exception will be handled in catch block with their status.

Now register this middleware in your kernal to run during every HTTP request to your application.

 protected $routeMiddleware = [
        'jwt.auth' => \App\Http\Middleware\VerifyJWTToken::class,
Create UserController

In this step, I will create a controller "UserController.php" to register a user and login with the registered user.

  1. <?php
  2. namespace App\Http\Controllers;
  3. use Illuminate\Http\Request;
  4. use App\Http\Requests;
  5. use App\Http\Controllers\Controller;
  6. use JWTAuth;
  7. use App\User;
  8. use JWTAuthException;
  9. class UserController extends Controller
  10. {
  11. private $user;
  12. public function __construct(User $user){
  13. $this->user = $user;
  14. }
  15. public function register(Request $request){
  16. $user = $this->user->create([
  17. 'name' => $request->get('name'),
  18. 'email' => $request->get('email'),
  19. 'password' => bcrypt($request->get('password'))
  20. ]);
  21. return response()->json(['status'=>true,'message'=>'User created successfully','data'=>$user]);
  22. }
  23. public function login(Request $request){
  24. $credentials = $request->only('email', 'password');
  25. $token = null;
  26. try {
  27. if (!$token = JWTAuth::attempt($credentials)) {
  28. return response()->json(['invalid_email_or_password'], 422);
  29. }
  30. } catch (JWTAuthException $e) {
  31. return response()->json(['failed_to_create_token'], 500);
  32. }
  33. return response()->json(compact('token'));
  34. }
  35. public function getAuthUser(Request $request){
  36. $user = JWTAuth::toUser($request->token);
  37. return response()->json(['result' => $user]);
  38. }
  39. }

Now let's check the API response with Postman.

1 : I will first register a user so that i can login with the help of user credentials.

register a user

2 : Now I will login with the credentials to get a token :

login a user

3 : Now I will hit the api to get user details :

get user details

4 : If you pass the invalid token then you will get following response :

Invalid JWT Token

Click here to know the use of JWT in Node.js

Generate JWT token after login and verify with Node.js API

Phone: (+91) 8800417876
Noida, 201301
okey metin2 pvp serverler metin2 pvp
ataşehir escort maltepe escort bostancı escort kadıköy escort maltepe escort ataşehir escort tuzla escort pendik escort ümraniye escort kartal escort
pendik escort
izmir escort izmir escort izmir escort izmir escort denizli escort antalya escort antalya escort antalya escort izmir escort izmir escort izmir escort izmir escort izmir escort
hatay escort nevsehir escort nigde escort kirikkale escort batman escort osmaniye escort kirklareli escort tokat escort rize escort adiyaman escort gumushane escort batman escort
cialis satış cialis fiyat cialis 20 mg cialis 100 mg cialis 5 mg fiyat

viagra fiyatı

viagra 100 mg fiyat

viagra sipariş

orjinal viagra

viagra satın al

izmir escort
kocaeli escort izmit escort bayan gebze escort izmit sınırsız escort escort bursa tuzla escort aydınlı escort orhanlı escort bursa escort escort bayan istanbul escort istanbul sınırsız escort istanbul bayan escort izmit escort izmit escort kocaeli escort sisli escort mecidiyekoy escort bursa escort bayan bursa görükle escort maltepe escort goztepe escort yakacik-yeni-escort bursa sınırsız escort sisli escort bayan taksim escort bursa escort porno izle sikiş izle atasehir escort antalya escort
ankara escort marmaris escort bursa escort mersin escort antalya escort izmir escort samsun escort bodrum escort çeşme escort kuşadası escort adana escort eskişehir escort gaziantep escort esenyurt escort pendik escort tuzla escort fatih escort ümraniye escort mecidiyeköy escort kartal escort bahçelievler escort bahçeşehir escort ataşehir escort bakırköy escort nişantaşı escort avcılar escort büyükçekmece escort kurtkoy escort konya escort beşiktaş escort taksim escort beylikdüzü escort malatya escort sakarya escort şişli escort maltepe escort kadıköy escort ataköy escort bostancı escort şirinevler escort bağcılar escort üsküdar escort etiler escort başaksehir escort ortaköy escort kağıthane escort sultangazi escort halkalı escort çekmeköy escort şaşkınbakkal escort mamak escort sincan escort keçiören escort çankaya escort beypazarı escort akyurt escort pursaklar escort kahramankazan escort göztepe escort alsancak escort bornova escort buca escort karabaglar escort karşıyaka escort konak escort narlıdere escort izmit escort başiskele escort kandira escort körfez escort karamürsel escort dilovası escort gölcük escort gebze escort kocaeli escort kayseri escort elazığ escort denizli escort diyarbakir escort adana escort ankara escort izmir escort antalya escort gaziantep escort kayseri escort konya escort mersin escort denizli escort kocaeli escort diyarbakır escort