https://github.com/jglchen/laravel-auth-jwt

Laravel JWT API Authentication

docker jwt-authentication jwt-token laravel php

# Laravel JWT API Authentication

Laravel offers several options for API authentication, including Laravel Passport and Laravel Sanctum; JSON Web Tokens (JWT) are another. This application uses JWT for its API authentication, via the **php-open-source-saver/jwt-auth** package.

## Installation

### Install Laravel

First, create a fresh Laravel application with the command below.

```bash
# Create the Laravel application...
composer create-project laravel/laravel laravel-auth-jwt
```

### Connect Database

This application uses a SQLite database. Connect it by updating `.env` like this:

```bash
# .env...
DB_CONNECTION=sqlite
```

Now run the following command to migrate the database.

```bash
# migrate the database...
php artisan migrate
```

### Install JWT
```bash
# install php-open-source-saver/jwt-auth package...
composer require php-open-source-saver/jwt-auth

# publish the configuration file by running this command...
php artisan vendor:publish --provider="PHPOpenSourceSaver\JWTAuth\Providers\LaravelServiceProvider"

# generate JWT secret key...
php artisan jwt:secret
```

### Configure API
```php
<?php

// update config/auth.php

return [

    // Make the JWT-backed "api" guard the application default.
    'defaults' => [
        'guard' => 'api',
        'passwords' => 'users',
    ],

    /*
    |--------------------------------------------------------------------------
    | Authentication Guards
    |--------------------------------------------------------------------------
    |
    | Next, you may define every authentication guard for your application.
    | Of course, a great default configuration has been defined for you
    | here which uses session storage and the Eloquent user provider.
    |
    | All authentication drivers have a user provider. This defines how the
    | users are actually retrieved out of your database or other storage
    | mechanisms used by this application to persist your user's data.
    |
    | Supported: "session"
    |
    */

    'guards' => [
        'web' => [
            'driver' => 'session',
            'provider' => 'users',
        ],

        // The "jwt" driver is registered by the jwt-auth package.
        'api' => [
            'driver' => 'jwt',
            'provider' => 'users',
        ],
    ],

    /*
    |--------------------------------------------------------------------------
    | User Providers
    |--------------------------------------------------------------------------
    |
    | All authentication drivers have a user provider. This defines how the
    | users are actually retrieved out of your database or other storage
    | mechanisms used by this application to persist your user's data.
    |
    | If you have multiple user tables or models you may configure multiple
    | sources which represent each model / table. These sources may then
    | be assigned to any extra authentication guards you have defined.
    |
    | Supported: "database", "eloquent"
    |
    */

    'providers' => [
        'users' => [
            'driver' => 'eloquent',
            'model' => App\Models\User::class,
        ],

        // 'users' => [
        //     'driver' => 'database',
        //     'table' => 'users',
        // ],
    ],

    /*
    |--------------------------------------------------------------------------
    | Resetting Passwords
    |--------------------------------------------------------------------------
    |
    | You may specify multiple password reset configurations if you have more
    | than one user table or model in the application and you want to have
    | separate password reset settings based on the specific user types.
    |
    | The expiry time is the number of minutes that each reset token will be
    | considered valid. This security feature keeps tokens short-lived so
    | they have less time to be guessed. You may change this as needed.
    |
    | The throttle setting is the number of seconds a user must wait before
    | generating more password reset tokens. This prevents the user from
    | quickly generating a very large amount of password reset tokens.
    |
    */

    'passwords' => [
        'users' => [
            'provider' => 'users',
            'table' => 'password_reset_tokens',
            'expire' => 60,
            'throttle' => 60,
        ],
    ],

    /*
    |--------------------------------------------------------------------------
    | Password Confirmation Timeout
    |--------------------------------------------------------------------------
    |
    | Here you may define the amount of seconds before a password confirmation
    | times out and the user is prompted to re-enter their password via the
    | confirmation screen. By default, the timeout lasts for three hours.
    |
    */

    'password_timeout' => 10800,

];
```

### Update User Model
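```php
<?php

// update app\Models\User.php

namespace App\Models;

use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Foundation\Auth\User as Authenticatable;
use Illuminate\Notifications\Notifiable;
use PHPOpenSourceSaver\JWTAuth\Contracts\JWTSubject;

// The jwt guard requires the user model to implement the JWTSubject contract.
class User extends Authenticatable implements JWTSubject
{
    use HasFactory, Notifiable;

    /**
     * The attributes that are mass assignable.
     *
     * @var array
     */
    protected $fillable = [
        'name',
        'email',
        'password',
    ];

    /**
     * The attributes that should be hidden for serialization.
     *
     * @var array
     */
    protected $hidden = [
        'password',
        'remember_token',
    ];

    /**
     * The attributes that should be cast.
     *
     * @var array
     */
    protected $casts = [
        'email_verified_at' => 'datetime',
    ];

    /**
     * Get the identifier that will be stored in the subject claim of the JWT.
     *
     * @return mixed
     */
    public function getJWTIdentifier()
    {
        return $this->getKey();
    }

    /**
     * Return a key value array, containing any custom claims to be added to the JWT.
     *
     * @return array
     */
    public function getJWTCustomClaims()
    {
        return [];
    }
}
```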
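
To make the two methods above concrete, the following added example (plain PHP, not code from this repository or from jwt-auth) builds and verifies a token by hand. It assumes HS256 signing with the `JWT_SECRET` value generated earlier; `issueToken`, `verifyToken` and the helper names are hypothetical.

```php
<?php
// Added illustration in plain PHP; not jwt-auth's implementation. All names are hypothetical.
function b64url(string $bin): string
{
    return rtrim(strtr(base64_encode($bin), '+/', '-_'), '=');
}

function b64urlDecode(string $txt): string
{
    $padded = str_pad($txt, strlen($txt) + (4 - strlen($txt) % 4) % 4, '=');
    return (string) base64_decode(strtr($padded, '-_', '+/'), true);
}

function issueToken(int|string $userKey, array $customClaims, string $secret, int $ttl = 3600): string
{
    // "sub" plays the role of getJWTIdentifier(); $customClaims that of getJWTCustomClaims().
    $claims = ['sub' => $userKey, 'iat' => time(), 'exp' => time() + $ttl] + $customClaims;
    $input  = b64url(json_encode(['typ' => 'JWT', 'alg' => 'HS256'])) . '.' . b64url(json_encode($claims));
    return $input . '.' . b64url(hash_hmac('sha256', $input, $secret, true));
}

function verifyToken(string $jwt, string $secret): ?array
{
    $parts = explode('.', $jwt);
    if (count($parts) !== 3) {
        return null;
    }
    [$h, $p, $sig] = $parts;
    $header = json_decode(b64urlDecode($h), true);
    // Pin the algorithm on the server; never let the token header choose it.
    if (!is_array($header) || ($header['alg'] ?? null) !== 'HS256') {
        return null;
    }
    // hash_equals() compares the recomputed HMAC in constant time.
    if (!hash_equals(b64url(hash_hmac('sha256', "$h.$p", $secret, true)), $sig)) {
        return null;
    }
    $claims = json_decode(b64urlDecode($p), true);
    return is_array($claims) && ($claims['exp'] ?? 0) >= time() ? $claims : null;
}

$secret = random_bytes(32);                 // constructed stand-in for JWT_SECRET
$token  = issueToken(1, [], $secret);
[$h, $p, $sig] = explode('.', $token);
echo b64urlDecode($p), PHP_EOL;             // claims are readable by any token holder
// Re-using the signature over an edited payload must fail verification.
$edited = $h . '.' . b64url(json_encode(['sub' => 2, 'exp' => time() + 3600])) . '.' . $sig;
if (verifyToken($token, $secret)['sub'] !== 1 || verifyToken($edited, $secret) !== null) {
    throw new RuntimeException('verification logic is broken');
}
```

The payload is signed but only base64url-encoded, so anything returned from `getJWTCustomClaims()` is readable by whoever holds the token; keep secrets out of it.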