Laravel auth with json web token

by Posted on

Tạo project laravel version 5.4

composer create-project --prefer-dist laravel/laravel laravel_jwt "5.4.*"

Tiếp theo đó, config lại file .env để kết nối đến cơ sở dữ liệu:

DB_CONNECTION=mysql
DB_HOST=127.0.0.1
DB_PORT=3306
DB_DATABASE=YOUR_DB_NAME
DB_USERNAME=YOUR_MYSQL_USERNAME
DB_PASSWORD=YOUR_MYSQL_PASSWORD

Sửa file D:\xampp\htdocs\laravel_jwt\app\Providers\AppServiceProvider.php

<?php

namespace App\Providers;

use Illuminate\Support\ServiceProvider;
use Illuminate\Support\Facades\Schema;

class AppServiceProvider extends ServiceProvider
{
    /**
     * Bootstrap any application services.
     *
     * @return void
     */
    public function boot()
    {
        Schema::defaultStringLength(191);
    }

    /**
     * Register any application services.
     *
     * @return void
     */
    public function register()
    {
        //
    }
}

Tạo database:

php artisan migrate

Cài đặt JWT
Cài đặt
Để cài đặt JWT dùng câu lệnh composer sau:

composer require tymon/jwt-auth

Cập nhật file config/app.php

'providers' => [
	....
	Tymon\JWTAuth\Providers\LaravelServiceProvider::class,
],
'aliases' => [
	....
	'JWTAuth' => Tymon\JWTAuth\Facades\JWTAuth::class,
],

Pulish file config của jwt:

php artisan vendor:publish --provider="Tymon\JWTAuth\Providers\LaravelServiceProvider"

Config time token vĩnh viễn không hết hạn cho mobile app mở file config\jwt.php
Tìm line 104 Sửa

    'ttl' => env('JWT_TTL', 60),

Thành

'ttl' => env('JWT_TTL', null),

Sửa required_claims

 'required_claims' => [
        'iss',
        'iat',
        //'exp',
        'nbf',
        'sub',
        'jti',
    ],

Tạo key cho jwt:

php artisan jwt:secret

Sử dụng JWT trong laravel
Update User model
Open User.php and implement JWTSubject for the model

use Tymon\JWTAuth\Contracts\JWTSubject;
class User extends Authenticatable implements JWTSubject

and add 2 methods in the model

 
public function getJWTIdentifier() {
    return $this->getKey();
}
public function getJWTCustomClaims() {
    return [];
}

File User.php hoàn chỉnh

<?php

namespace App;
use Tymon\JWTAuth\Contracts\JWTSubject;
use Illuminate\Notifications\Notifiable;
use Illuminate\Foundation\Auth\User as Authenticatable;

class User extends Authenticatable implements JWTSubject
{
    use Notifiable;

    /**
     * The attributes that are mass assignable.
     *
     * @var array
     */
    protected $fillable = [
        'name', 'email', 'password',
    ];

    /**
     * The attributes that should be hidden for arrays.
     *
     * @var array
     */
    protected $hidden = [
        'password', 'remember_token',
    ];

    /**
     * Get the identifier that will be stored in the subject claim of the JWT.
     *
     * @return mixed
     */
    public function getJWTIdentifier()
    {
        return $this->getKey();
    }

    /**
     * Return a key value array, containing any custom claims to be added to the JWT.
     *
     * @return array
     */
    public function getJWTCustomClaims()
    {
        return [];
    }
}

Cấu hình Auth guard
Edit file config/auth.php

'defaults' => [
    'guard' => 'api',
    'passwords' => 'users',
],

...

'guards' => [
    'api' => [
        'driver' => 'jwt',
        'provider' => 'users',
    ],
],

Open Kernel.php then add in $routeMiddleware

'jwt.auth' => \Tymon\JWTAuth\Http\Middleware\Authenticate::class,
'jwt.refresh' => \Tymon\JWTAuth\Http\Middleware\RefreshToken::class,

Thêm route

Route::post('register', 'AuthController@register');
Route::post('login', 'AuthController@login');
Route::group(['middleware' => ['auth:api']], function () {
	Route::get('user-info', 'AuthController@getUserInfo');
});

Tạo controller AuthController

php artisan make:controller AuthController

Content AuthController.php

Nào, giờ chúng ta hãy check API response bằng Postman.
Link đăng ký http://localhost/laravel_jwt/public/index.php/api/register

Đăng nhập
Link đăng nhập:http://localhost/laravel_jwt/public/index.php/api/login

Sau khi đăng nhập thành công, ta sẽ nhận được JWT token. Ví dụ của mình sẽ có dạng như này:

{"token":"eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJodHRwOlwvXC9sb2NhbGhvc3RcL2xhcmF2ZWxfand0XC9wdWJsaWNcL2luZGV4LnBocFwvYXBpXC9sb2dpbiIsImlhdCI6MTYwOTE2MjA5MCwibmJmIjoxNjA5MTYyMDkwLCJqdGkiOiJ6MTBlb1BqaWFIdjNHU1lIIiwic3ViIjoyLCJwcnYiOiI4N2UwYWYxZWY5ZmQxNTgxMmZkZWM5NzE1M2ExNGUwYjA0NzU0NmFhIn0.TyeUklirRmlsn1V5PN12x7fG8XNbVXH8xdQD0573CNM"}

Sử dụng bearer token để truy cập http://localhost/laravel_jwt/public/index.php/api/user-info

Link code github here

Published by hai9999