In this tutorial I’ll cover how to setup JSON Web Token authentication using Laravel and Vue JS. The tutorial will have two parts. To generate JSON Web tokens from the Laravel backend we’ll be using the popular library tymondesigns/jwt-auth by Sean Tymon. Run php artisan jwt:secret to enerate the secret key. Jun 15, 2018 Generate JWT Key. JWT tokens will be signed with an encryption key. Run the following command for laravel 5.5 or above to generate the secret key used to sign the tokens. Php artisan jwt:secret. For versions below 5.5. Php artisan jwt:generate. This tutorial uses laravel 5.6. Next steps of the tutorial are only tested for laravel 5.5 and 5.6.
In this tutorial, i will let you how to implement Laravel 5.4 api authentication using JWT with example. For a web application to secure application resources it is important to implement authentication. When you are working on only web application it is easily done by the session but when we work on api then we can not maintain the authentication through the session. So for that there are many other options to implement authentication through the tokens. Here we will discuss about the JWT (JSON Web Token).
JWT is generally used to send information that can be trusted and verified by means of a digital signature. Now the question arises that when and on which condition we should use JSON Web Tokens.
For all web application where you want to set restriction over each request and you allow user to access application’s services, resources and interaction with the database with the help of security tokens. JWT is a best way to transfer information between different parties in a secure way.
JSON Web Token allows all these features to apply api authentication and it is normally send through the HTTP Authorization headers. And It is a best way to apply security on the REST API web services.
Let’s start the implementation process through step by step.
Step 1: JWT handler package installation
There are various packages are available for JWT but here we will use tymon/jwt-auth package.
So run the following command in your terminal to install the package.
Above command will download package’s files and directories in your application.
Step 2: Add providers and alias in config/app.php file
Add the following line of code into app.php file of config directory to register the provider and alias.
Step 3: Configure JWT for your application
In this step we will publish the JWT configuration file, once it has successfully published then we can see a new file created in following path config/jwt.php. Run the following command to publish the configuration file.
Now for token encryption, We would generate a secret key by running following command in the terminal :
Step 4: Add Route
In this step, We will create routes to register a new user, login with their user credentials and get the authenticated user details by using JWT token. So add the following route in routes/api.php
routes/api.php
As you can see in above routes, We used middleware jwt.auth. So if the user successfully authenticated then you will get user details from the database.
Now we come on the point how can we generate JWTs on the back-end (Laravel) side and obtain them on the front-end and then pass that generated token with each request to access the secure API resource.
Step 5: Create and register middleware
Now We will create a middleware jwt.auth to check if the token is valid or not and also check the exception if the token is expired through the following command.
Now open the generated middleware VerifyJWTToken and copy the code below in that file.
app/Http/Middleware/VerifyJWTToken.php
Above block of code check if requested token is verified by JWT Auth or not if it is not verified then a exception will be thrown the proper status.
Now we will register this middleware into the kernel to filter every HTTP request to your application. Open kernel.php file and put the following line of code.
app/Http/Kernel.php
Step 6: Create UserController
Download Php Jwt
In this step we will create a UserController to handle the user registration and user login logic. Create a controller and put the following lines of code into that file.
app/Http/Controllers/UserController.php
Php Artisan Jwt Key Generator Software
Now your api has been created with jwt authentication. You can check it by sending the request.